CloudCodes approach on securing cloud applications


Cloud adoption have been on rise since last 7-8 years.  For all good reasons enterprise finds cloud applications to be cost effective and bring efficiency in there overall process. However, there is no single universal cloud application that will work for every need of an enterprise. Based on the functional objective of enterprise, various cloud based applications are adopted such Zoho/SalesForce for CRM, Google for Work/Office365 for messaging, Marketo for marketing and so on. Each of the cloud application hosts the cloud applications and serves the customers across in the world in a multi-tenant manner.

casb The cloud application provider responsibilities are to ensure physical infrastructure on which the application is hosted. The CSP ensures the solution is scalable, robust and secure. The data within the cloud belongs to the customer and it is the responsibility of customer to ensure the data is secure and safe.

There are two set of problems

  1. Managing Identities across multiple applications
  2. Managing Security across multiple application

The problem 1 relates to managing identities across multiple applications in a unified manner. Provisioning and de-provisioning of users across cloud applications is a huge challenge. The problem is however resolved through Single Sign On or Identity Access Management solutions. There are many vendors who are in this area providing very robust and rich solution.

The problem#2 relates to managing security across all the adopted cloud applications by the enterprise. Some of these security controls are provided by some of the cloud applications but managing across multiple applications may become a challenge. Some analyst referred this area of concern as Cloud Access Security Broker(CASB) or Cloud Security Gateway(CSG). There are good number of vendors in this area. But all of them uses API methodology to determine risk or security concerns within a cloud application. CloudCodes uses a different approach.

1. cloud security gateway - SSO1

CloudCodes uses a preventive approach to secure multiple cloud applications through SSO1. It provides controls to the IT team to prevent un-authorized access to the enterprise cloud applications. It has taken a reverse route to cloud based single sign on or identity access management i.e. it is providing SSO/IAM as part of its cloud security offering.  It adds an cloud based firewall on top of all cloud applications to ensure authorized users access the cloud application in a secured manner. It is also adding other capabilities of CASB such as using API based approach to determine any security related risks for a cloud applications.

The objective is to add capabilities to the product SSO1 to enhance the level of cloud security for organsiations cloud applications.