As organizations increasingly approve cloud-based applications in 2017 expect spending on cloud security solutions to increase as well, says a cloud security access broker.

Bitglass Inc. made the prediction this month in part based on a survey of 100 CIOs/CISOs who attended last October’s Gartner Symposium.

Forty-one per cent said they have cut or plan to cut spending on traditional on-premise security solutions, Salim Hafid, Bitglass’ product marketing manager, in an interview.

Meanwhile just over a quarter of respondents said unmanaged device and external sharing control would be their biggest IT security spend priority this year, followed by data leakage prevention (about 22 per cent).

“In 2017 it will become more of a priority to focus on cloud app deployments,” Hafid said, “and I think with that comes the need to secure those applications” on technologies such as data leak prevention, encryption, securing mobile devices and protecting cloud apps.

“As more corporate data moves outside the network perimeter it becomes more and more important to secure that data, as opposed to secure the corporate network.

Just over half of respondents said their organizations have deployed at least four cloud applications, the survey showed, plus another 35 per cent or so have two to three. That adds up to 82 per cent of respondents with multiple cloud deployments, pointed out Hafid.

One-third of the 100 respondents said their organization has a cloud-first application strategy. Also, when asked respondents said they found better satisfaction with cloud applications over their on-premise counterparts in value, security and user experience.

Hafid agreed that should be expected, given the publicly announced revenues and subscriber numbers from services such as Salesforce and Google’s Gsuite.

“But what’s surprising to us… is the rate at which this transition is happening, especially in large enterprises and heavily regulated sectors like healthcare and financial services,” Hafid said. “You would expect a much more slow progression”

As a cloud access security broker (CASB) Bitglass competes with other policy enforcement solutions that fit between users and cloud applications from vendors such as Blue Coat Systems, Microsoft, Skyhigh Networks, CipherCloud, Cisco Systems, Imperva and Netskope.

As Gartner notes they can combine authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting and malware detection/prevention.

Solutions may integrate with common SaaS enterprise apps like Salesforce and ServiceNow, and with infrastructure as a service (IaaS) offering such as Amazon AWS, Microsoft Azure, through APIs or proxies.

Hafid said Bitglass plugs into an organization’s identity process and proxies the traffic through its data loss prevention engine, allowing the service to protect data in real time as its accessed and downloaded. Files can be tagged and encrypted or redacted when accessed. Customers can define one set of policies (ie block a file with social insurance numbers), which applies to any app accessed.

The service is priced per user per month,starting at US$9,  and depends on the number of seats and functionality wanted. Base functionality would include the ability to discover unapproved or so-called ‘shadow IT’ cloud apps by staff. Optional modules cover mobile device control (remote wipe and others) and the cross-application functionality.