The best (and worst) features of 7 top cloud security solutions

With the continuous shift to cloud service and deployment models in the enterprise technology space, tech professionals are placing more of a focus on cloud security. Deep visibility, a comprehensive suite of security features, and ensuring real-time compliance are cited as important criteria to consider when evaluating cloud security solutions.

According to enterprise users on the reviews site IT Central Station, top cloud security solutions in the market include Evident.io, Cisco CloudLock, Dome9, Netskope, Skyhigh, CloudPassage and Bitglass.

Here, IT Central Station users share their experiences with using these solutions, describing which features they find valuable and where they see room for improvement.

Evident.io

High points “It allows me to see what’s happening in our AWS account. I have several, so this is a nice, single pane, point of view for me whenever I have to make sure that configurations are as secure as possible.” — SrManage0c6e, a senior manager of information security at a software R&D company

“This enables us to clean up our existing AWS accounts and to update our processes for new accounts. This improves our overall security process to an acceptable level. We are building out new AWS accounts that are secured from the beginning instead of fixing problems as they are detected. This ensures that everything is consistent and secure from the beginning.” — Supervisa81a, an architecture & infrastructure platform delivery supervisor at a recruiting/HR firm

Room for improvement “I would like to see integration of PCI audits into the dashboard. That would help greatly in passing our PCI audits for AWS in an easy-to-view method.

I would also like the ability to integrate Evident with AWS in such a way that we could make basic changes to the AWS environments based on security alerts. For example, the ability to lock down unsecured security groups, apply PW policies, and rotate IAM keys.” — ITSecuribe99, an IT Security Professional at a comms service provider

Read more Evident.io user reviews.

Cisco CloudLock

High points “It is a good CASB solution for protection of collaboration of content. The in-built features are apt to deal with SBU/ITAR data. Data shared with external parties has been significantly controlled. This CASB solution eliminated unauthorized risk of accessing data in our organization.” — Principal658, a Principal at a tech company

Room for improvement “The issues with CloudLock are mostly for Google to address. Google is all about trusting users, which is a nightmare for an administrator. It allows any user to intentionally or accidentally give a random third party full access to a Google account. As long as this issue exists, CloudLock or any other product is only a band-aid solution. It can only work reactively, and not stop the incident from occurring.” — ITSecSpecialist789, an IT security specialist at a financial services firm

Read more Cisco CloudLock user reviews.

Dome9

High points “We have been able to empower our development team to work with the infrastructure in a managed, foolproof way to insure testing and other efforts don’t leave unintended holes.” — Eric H., President at a tech services company

Room for improvement “The governance and compliance areas are becoming very useful, and continue to expand in very user-friendly ways. Addressing the large amount of compliance information and benchmarks we need to observe, the tools are becoming our go-to dashboards.” — Eric H.

Netskope

High points “The most valuable feature for us is the 360-degree visibility it provides. Now I have the ability to see what’s coming and going in the organization from a cloud application perspective. I can see uptimes and I can assess risk to them based on things that are important to us and not just the industry.” — Craig G., a Chief Security Officer at a healthcare company

Room for improvement “I would like for the product to have very clear visibility with regards to what SaaS is being used actively versus what SaaS is being accessed from a passive user.” — Sujeet B., Enterprise Security Architect at a tech vendor

Skyhigh

High points “Our organization is moving much of its non-sensitive data to Box and we needed the ability to have full visibility into what was occurring within the Box infrastructure. With the Skyhigh to Box API integration, we can not only see everything that occurs but we can setup many DLP policies to block or monitor what is occurring in Box. You can also run a custom DLP query against your Box infrastructure to look for specific DLP issues that may have been created since the older data was loaded.” — CyberSecurity33, aCyber Security Engineer at a recruiting/HR firm

“We now have a good conscious [sic] about using Cloud services. Without an overview, you can only imagine what is going on. With monitoring, analysis and threat prevention, we know exactly what is going on and can prevent activity that we deem unacceptable or creates unnecessary risk. We have a much better overview of where our data is, both in terms of which service, but also in terms of geographical location.” — Lasse M. J., Solutions Architect at Credocom A/S

Room for improvement “The Skyhigh for Google Drive interface and policy engine is a bit confusing and limited when compared against other Google Drive CASB capabilities.” — Spencer J., Cyber Security Analyst at a tech services company

Read more Skyhigh user reviews 

CloudPassage

High points “Policies are very easy to manage on a day-to-day basis. With a few clicks in their cloud management portal, you can implement and change security policies in thousands of servers. This feature allowed us to implement changes in our environment much faster.” — Alysson A., an Information Security Analyst at a transportation company

Room for improvement “The reports and graphs are not intuitive. Also, there is no feature or CloudPassage tool that facilitates the implementation of the agents. We had to use third-party software to implement and update the agents.” — Alysson A.

Bitglass

High points “It allows a window into who is sharing what types of data internally and externally. It allows us to know where sensitive data is really stored and offers the ability to quarantine based on data types and sharing criteria.” — SharedInfoSec438, aShared Information Security Officer at a university

Room for improvement “The cloud-based portal tends to get slow as the number of events increase. There is room for improvement in regards to reporting and having simpler policy creation.” — SharedInfoSec438

To learn more from what real users have to say about other leading solutions in the market, read additional cloud security reviews by IT Central Station users.

More on cloud security

• Top cloud security controls you should be using
• 12 cloud security threats
• Who’s responsible for cloud security?