KuppingerCole Report
Executive View
By Mike Small

Symantec CloudSOC™

Many organizations are using cloud services, but the use of these services is often poorly governed. Cloud Access Security Brokers (CASBs) provide functionality to discover the use of the cloud, to control which cloud services can be accessed and to protect the data held in these services. This report provides an up to date review of Symantec CloudSOC™ which strongly matches KuppingerCole’s recommended functionality for CASBs. It provides a valuable tool that organizations can use to improve governance over their use of cloud services.

1 Introduction

Organizations are embracing the use of cloud services because of the benefits that they bring in terms of speed to deployment, flexibility and price. However, the use of these services is not well integrated into the normal IT access governance processes and technologies that are found within organizations.

While access to on-premises IT systems is usually well managed through access governance, the same does not always apply to cloud services. In addition, employees and associates can use personal cloud services to perform their jobs without reference to their employer. To compound the problem, mobile devices may also be used to access these services from outside of the organizational perimeter.

This has led to challenges around the governance of cloud services needed to ensure compliance with laws and regulations as well as to manage cyber threats. The requirements for control over the transmission, processing and storage of personal data from the upcoming GDPR is one example of these challenges. The uncontrolled use of cloud services also increases cyber-risks; cyber adversaries may obtain unauthorized access to steal or corrupt data held in these services, as well as to plant malware that could then infect the organization using them.

In an ideal world, the functionality to manage access to cloud services and to control the data that they hold would be integrated with the normal access governance and cyber security tools used by organizations. However, these tools were slow to develop the required capabilities, and this has led to a market in CASBs (Cloud Access Security brokers) to plug the gap. It is notable that some of the CASBs on the market have already been acquired by major security software vendors and are being integrated into their toolsets.

KuppingerCole has analysed this market segment and recommends that CASBs should provide functionality that enables customers to:

  • Detect Cloud Service Usage– Identifying the cloud services being used from within an organization and providing control over their use is a key capability to manage risk. The first generation of CASBs focussed on this area providing coarse grained discovery and control using network traffic analysis and proxy gateways.
  • Control Usage of Cloud Services– access to the cloud services should be controlled so that business critical and regulated data can only be moved into approved cloud services. While employees should easily be able to access approved services, their access rights should be controlled in the same way as for other IT systems. Ideally, the access controls should be based on existing organizational directories and provide seamless access for authorized use of the approved services. Many cloud services provide granular access control capabilities, and these should be exploited.
  • Protect against Cyber Risks– there are many different ways in which there could be unauthorized access to a customer’s data held in a cloud service. A CASB should provide capabilities to detect cyber-threats threats to business-critical data and to protect against malware, unauthorized access and data leakage. Ideally this protection should include techniques such as encryption to protect sensitive data. However, encryption and tokenization of data can impact on the functionality of SaaS applications.
  • Support Compliance - many organizations depend upon their data being processed and protected in a way that is compliant with laws and regulations. To support this need, the product should provide “out of the box” capabilities aligned with specific regulations. Ideally these capabilities should be independently certified or, at least, the vendor should be able to provide examples of customers who have successfully used the product to achieve compliance.

CASBs provide a valuable tool for organizations to improve the governance over their usage of cloud services. Organizations should be considering CASBs that provide all of the functionality described above in a way that is well integrated with their existing governance and processes and security toolsets. However, it is important for a customer using these products to understand their specific requirements and select products that match these.

2 Product Description

Symantec is an US software company headquartered in Mountain View, California that specializes in IT security software and services. In June 2016 Sym ...

Login Get full Access

2.1 Symantec CloudSOC™

The Symantec CloudSOC platform provides the capabilities for organizations to exploit cloud applications and services while remaining secure and compl ...

Login Get full Access

2.2 Symantec CloudSOC™ Audit

Symantec CloudSOC Audit discovers and monitors the cloud services being used from within an organization and, in conjunction with other Symantec produ ...

Login Get full Access

2.3 Symantec CloudSOC™ Security for SaaS

Symantec CloudSOC Security for SaaS monitors and controls use of a wide range of sanctioned SaaS and IaaS platforms including Office 365, G-Suite, Box ...

Login Get full Access

2.4 CloudSOC™ and Symantec DLP integration

Integration between Symantec CloudSOC and Symantec DLP enables customers to leverage their existing on-premises DLP policies and workflows to extend p ...

Login Get full Access

2.5 CloudSOC™ and Symantec Cloud Data Protection Gateway

The Symantec Cloud Data Protection Gateway enables organizations to define field level data protection policies that govern exactly how sensitive data ...

Login Get full Access

2.6 CloudSOC™ and Symantec™ Information Centric Encryption

Symantec Information Centric Encryption delivers protection that follows data wherever it is stored, used, or moved to. It protects data with enterp ...

Login Get full Access

2.7 CloudSOC™ and Symantec Advanced Threat Protection integration

CloudSOC integrates with Symantec Advanced Threat Protection including file reputation intelligence, A/V scanning, and sandboxing technologies to prot ...

Login Get full Access

2.8 CloudSOC integration with Symantec Endpoint Protection

CloudSOC integrates with Symantec Endpoint Protection (SEP) through the single SEP agent. This agent integrates with CloudSOC Audit to provide visibi ...

Login Get full Access

2.9 CloudSOC™ and Symantec VIP integration

SymantecTM VIP (Verified-ID Protection) is a cloud-based, strong authentication service that provides secure access to sensitive data and applicatio ...

Login Get full Access

3 Strengths and Challenges

Symantec CloudSOC strongly matches KuppingerCole’s recommended functionality for CASBs. It provides capabilities which go beyond those found in fir ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.