Now that cloud computing has for all intents and purposes become a mainstream element of enterprise IT, attention is turning toward securing those services. With that specific issue in mind, Cisco this week announced it has plunked down $293 million to acquire CloudLock, a provider of cloud access security brokering software delivered as a service using REST application programming interfaces (APIs).
The acquired technology is destined to become part of Cisco’s Networking and Security Business Group. Derek Idemoto, vice president of corporate development for Cisco, says there’s no overlap between Cisco’s existing portfolio of security technologies and the technology CloudLock developed to enable IT departments to manage who inside an organization can access a particular cloud service.
Idemoto says Cisco is developing a broad cloud security portfolio that customers will be able to invoke as a service or a la carte using technologies they deploy on premise. The CloudLock acquisition represents a significant step forward for Cisco in terms of being able to deliver security as a service, says Idemoto.
While most internal IT organizations were clearly caught off guard by the rise of cloud computing, it’s now apparent that most of them are now responsible for how those services are used. In some cases, that means controlling the acquisition of those services. In other cases, the internal IT organization is simply asked to provision them.
Naturally, the degree to which cloud services are invoked will vary by vertical industry. But whenever a breach occurs involving those services, IT organizations can count on being held to account for it, whether it’s their fault or not.