One of the major issues in cloud-based security is that it is very hard to do. For lots of reasons, many from the business perspective, it is difficult to make the cloud as secure as the on-premise data center. There are lots of things that go into security, as we all know, and the objective of any cloud-based product must be to make the cloud as secure as the data center. Additionally, though, to be truly effective that security should behave and be manageable in much the same manner as the data center. CloudLock is, by these measures, truly effective.

CloudLock provides data privacy, governance and management, as well as account protection and external application management and governance. Google Apps is the only environment supported currently, but there are more on the drawing board. CloudLock uses the Google Apps API to collect necessary metadata and apply that to the product's rules engine. This allows most of the same security functions - when working in the cloud - as organizations are accustomed to in their data centers.

For example, because data moves through the security protection, CloudLock can do such things as data leakage prevention, identifying such things as Social Security numbers and other personally identifiable information. It can enforce acceptable use policies and is content aware.

The product is policy driven. Its dashboards for analysis and policy development are simple, to the point and easy for the administrator to use. In addition to the general tools, CloudLock provides a robust application firewall. Because the application environment is outside of the organization's physical control, application-level access control is necessary. The application firewall facilitates that.

One strong function is its ability to examine how other organizations are treating a particular application residing within Google Apps. Because users can be restricted from accessing particular applications (the app is banned), it is helpful to know what the community at large is doing about allowing access. Community Trust Rating communicates that information to the administrator as an assist in determining what apps should be allowed and which banned.

We liked this tool for its direct applicability to an important cloud environment. We also liked its comfortable look and feel.