Cloud computing is the use of computing resources, including hardware and software, that are delivered as a service over a network, typically the Internet. As cloud computing achieves increased popularity and adoption of cloud-based services by businesses increases, concerns over security and risks of using these cloud-based services become significant. Traditionally, systems and software applications were deployed in enterprise environments, such as within an enterprise's own private data network, with strict controls and policies to ensure that data and usage are compliant with the enterprise's standards. However, the adoption of cloud-based services offered by third parties creates a potential mismatch, or complete absence, of expected enterprise level controls. Enterprises are faced with the challenge of accessing risk exposure associated with the use of cloud-based services in order to apply compensating controls.
With the proliferation of cloud based services, an enterprise may be employing a large number (e.g. 600 or more) of cloud services in the enterprise's day-to-day operation. Enterprises are finding it difficult to implement access control for the use of cloud-based services. Traditional access control schemes typically do not work well for cloud based services. In general, enterprises install third party firewall or proxy to realize network access control to external websites. The enterprises are thus dependent on the third party firewall or proxy to implement security policies and to decide whether to allow or deny access to certain sites. The third party security policies are usually not specifically tailored for cloud service providers. Furthermore, current network access control schemes are often content driven. That is, the third party firewall or proxy may implement network access control policies to block file sharing or to scan network data for certain sensitive data. Existing security policies implemented by third party firewall or proxy are typically not well adapted for cloud based services.