After years of speculation, tentative adoption, confusion, and lessons learned, cloud services have gained broad mainstream acceptance. IDC’s cloudView Survey found that across 12 tiers of business size ranging from small business to enterprise, 64% of end customers are using SaaS. This number climbs to 81% when we add in respondents cited “improved business agility” as the leading benefit of SaaS adoption, while 39% of respondents also noted the benefit of “reduced total size of IT budget.” Notably, respondents cited “improved IT security” as the second most anticipated benefit of public cloud adoption.
SaaS adoption has swelled as business leaders eagerly anticipate the potential advantages of public cloud services. However, the need for security has emerged as a key lesson learned. Simple mistakes such as misconfigurations in AWS S3 buckets led to a rash of data breaches in 2018, including large multinational corporations and U.S federal agencies.
Thus, cloud providers now offer built-in security capabilities with their cloud services. For many organizations, built-in security may prove adequate. However, SaaS providers cannot ensure against all forms of threats, leaving businesses to identify and fill the gaps – a task that is massively complicated for organizations relying on multiple SaaS platforms, each with varying degrees of protection and different policy engines and interfaces. While cloud providers have made great strides to secure their services, customers are increasingly recognizing the need to take a role in securing their cloud environments.