On the Radar: CipherCloud

(1)

On the Radar: CipherCloud

Cloud access security delivered on enterprise

gateways

Publication Date: 18 Feb 2015 | Product code: IT0022-000305 Rik Turner

(2)

Summary

Catalyst

CipherCloud develops cloud visibility and security technology that provides discovery, data loss prevention (DLP), encryption, tokenization, malware detection, monitoring, and anomaly detection. It delivers the technology as on-premise “gateway” software, with different versions depending on the cloud application they protect. Salesforce, ServiceNow, Office 365, Box, Gmail, and Amazon Web Services are currently available, with more to follow.

Key messages

 CipherCloud develops gateways for companies to securely access cloud applications.  In addition to data loss prevention (DLP), it offers encryption and tokenization of data.  It also has a platform for companies to discover which cloud applications employees have

begun using without asking their permission (shadow IT).

 Cloud access security is an emerging market and CipherCloud, by virtue of being an early mover, has established its name ahead of a growing pack of competitors. To maintain its lead it will need to continue to deliver additional functionality.

Ovum view

CipherCloud will strive to maintain its early lead in cloud access security, meaning it will have to expand its platform’s functionality to stay ahead. It will either float its shares, or be acquired by a larger entity adding cloud security to its portfolio.

Recommendations for enterprises

Why put CipherCloud on your radar?

Cloud access security is an increasing common requirement as more and more enterprises adopt this delivery mechanism for applications. CipherCloud has established an early lead and is worth keeping on your radar to see how it develops and what additional functionality it brings to market. Its portfolio already supports many of the more commonly used cloud applications and Ovum expects several more to follow this year.

Highlights

CipherCloud develops gateway products, which some in the market are calling cloud access security brokers or cloud application controllers (the market is too new for one established phrase to have gained widespread currency). These devices are primarily designed to give companies the visibility to see which cloud applications their employees have already begun to use without asking permission, and then to enable them to decide which ones they want to standardize on and block all the others. From this point forward, organizations can use CipherCloud technology to monitor traffic to and from

(3)

these cloud services and determine which flows need to be encrypted using the 256-bit AES cipher or obfuscated using tokenization, and then enforce this decision via the CipherCloud platform.

Deployment can be either on-premise or in the cloud itself, but the company says that most of its customers prefer to install on-premise, particularly because they want to retain ownership, and therefore control of the encryption keys.

CipherCloud delivers its technology as discrete gateways for each cloud application for which employee access is to be secured, and to this end it clearly intends to expand the range of applications covered.

The company already offers the CipherCloud for Any App product, but the six application-specific products (Salesforce, ServiceNow, Office 365, Box, Gmail, and Amazon Web Services) offer deeper integration for purposes of data loss prevention (DLP) functionality, and there are certain to be other applications to follow for this reason. Ovum expects to see CipherCloud gateways for other enterprise file sync and share (FS&S) applications in addition to Box, for example.

Among its significant partnerships, CipherCloud cites Cap Gemini and Deutsche Telekom, both of which use its gateways in their enterprise IT service offerings. It would be good to see more of these relationships evolving, particularly if CipherCloud is to remain ahead of an increasingly crowded market of startups offering similar cloud access security functionality.

Background

CipherCloud was founded in 2010 by Pravin Kothari, an executive who had previously been at ArcSight (a security incident and event management vendor acquired that year by HP). It launched its first gateway solution, a product for Salesforce users, a year later. Since then it has added a series of other products, all of them focused on the cloud applications most commonly used in the enterprise. In April 2014, it added CipherCloud for Cloud Discovery, which is software that enables a company that is about to venture into the cloud to find out what its employees are already using on an informal basis, enabling it to address the so-called shadow IT phenomenon, whereby companies belatedly discover that their employees are using multiple file sync and share applications in the cloud, for instance.

Current position

Entering its fourth year in the expanding market for platforms to enable secure access by businesses to applications in private and public clouds, CipherCloud claims more than 100 major enterprise clients and has about 500 staff. Still privately held, it closed its Series B funding round of $50m in December 2014 and claims to be cashflow-positive.

With a third of its revenue already coming from customers in Europe, CipherCloud is now expanding its presence there beyond its EMEA HQ in the UK, with offices recently opened in France and Germany. Latin America and Asia-Pacific are also on its radar.

On the product side, the company will continue to add more monitoring and anomaly detection capabilities to its platform, introducing advanced machine learning as well as connectors to the leading security incident and event management (SIEM) products for greater integration into

(4)

expand the range already offered. Other FS&S applications beyond Box appear to be the most obvious candidates, given the explosion in popularity of these cloud services.

CipherCloud’s vision is to evolve toward becoming a general cloud access control layer in companies’ infrastructure, enabling them to discover what is currently in use by their employees, put together policies regarding what can and cannot be used going forward, block access to cloud applications it does not want to be used, and continue to monitor employee usage from that point.

Cloud access security platforms, whether they are called brokers, controllers, or gateways, are certain to see further growth in demand as more and more companies move at least part of their enterprise application infrastructure to the cloud. Not surprisingly therefore, this is starting to become a more crowded market, with Ovum aware of more than a dozen companies offering this functionality created specifically for this purpose.

At some point, Ovum expects to see a land grab by larger, more established players in networking and security buying up some of the more successful of these startups. All the companies competing in this market should therefore expand their customer base and gain visibility in readiness for this phase.

Data sheet

Key facts

Table 1: Data sheet: CipherCloud

Product name CipherCloud Product classification Secure gateways to protect data in cloud environments Version number 4.4 Release date First released Feb 2011 Industries covered Banking, insurance, financial

services, healthcare, pharmaceuticals, telecommunications, technology, government agencies

Geographies covered North America, Europe and Australasia

Relevant company sizes Medium to large enterprises, global organizations

Licensing options Annual license

URL _{www.ciphercloud.com} Routes to market Direct, channel sales, systems integrators

Company headquarters San Jose, California, US Number of employees 500 Source: Ovum

Appendix

On the Radar

On the Radar is a series of research notes about vendors bringing innovative ideas, products, or business models to their markets. Although On the Radar vendors may not be ready for prime time, they bear watching for their potential impact on markets and could be suitable for certain enterprise and public sector IT organizations.

(5)

Author

Rik Turner, Senior Analyst, Infrastructure Solutions [email protected]

Ovum Consulting

We hope that this analysis will help you make informed and imaginative business decisions. If you have further requirements, Ovum’s consulting team may be able to help you. For more information about Ovum’s consulting capabilities, please contact us directly at [email protected].

Copyright notice and disclaimer

The contents of this product are protected by international copyright laws, database rights and other intellectual property rights. The owner of these rights is Informa Telecoms and Media Limited, our affiliates or other third party licensors. All product and company names and logos contained within or appearing on this product are the trademarks, service marks or trading names of their respective owners, including Informa Telecoms and Media Limited. This product may not be copied, reproduced, distributed or transmitted in any form or by any means without the prior permission of Informa

Telecoms and Media Limited.

Whilst reasonable efforts have been made to ensure that the information and content of this product was correct as at the date of first publication, neither Informa Telecoms and Media Limited nor any person engaged or employed by Informa Telecoms and Media Limited accepts any liability for any errors, omissions or other inaccuracies. Readers should independently verify any facts and figures as no liability can be accepted in this regard – readers assume full responsibility and risk accordingly for their use of such information and content.

Any views and/or opinions expressed in this product by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Informa Telecoms and Media Limited.

(6)

CONTACT US www.ovum.com [email protected] INTERNATIONAL OFFICES Beijing Dubai Hong Kong Hyderabad Johannesburg London Melbourne New York San Francisco Sao Paulo Tokyo

On the Radar: CipherCloud