Security-as-a-Service

Security-as-a-Service - Cloud Computing Evaluating Security...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Search. .. CIOUpdate.com News Blogs Forums Careers/Staffing CIO Insights Technology Trends Budgets Special Reports Research February 10, 2011 Hot topics : Newsletters: Netw orking Daily CIO Update Technology Trends Read More in Technology Trends » July 16, 2010 By Matt Sarrel Submit Feedback » More by Author » Email Article Print Article Comment on this article Related Articles Over the past few years, more and more businesses have turned to software as a service (SaaS) to bring down costs. One category of offerings, which we'll call "security as a service" deserves special consideration. More and more traditional software security vendors are developing and enhancing their service based offerings. These offerings typically include protection against Web and email threats, monitoring of inbound and outbound network traffic, and assessing an externally facing website for potential vulnerabilities. While all vendors argue the appeal of reduced costs, only a few vendors argue that their solutions are better offered as a service. This is a market in transition. I've been testing security solutions for years so I've been lucky enough to have a good vantage point for this transition. Most of these solutions were software only. Then many added centralized management and some shipped on appliances. The earliest security as a service offerings merely moved this centralized management console into the cloud. This was a good start, but fell short of leveraging all of the advantages of the cloud. Offerings have gradually matured to utilize the strengths of the cloud. For example, Panda Security saves local processing power by analyzing malware in the cloud, not on the desktop. Many other vendors also make use of a cloud based infrastructure to conduct deeper and faster malware analysis. They can have more horsepower than at a single client site plus integrate threat information from many clients to create an accurate understanding of the threat landscape. Pros & cons Although more and more security functionality is being built into these offerings, security as a service still has its pros and cons. Firstly, many solutions still require a software agent to be loaded onto each end point. This is almost a necessary evil so look for solutions which automate deployment and updates of software agents. Remote workers are a natural choice for security as a service but they aren't on your network so why do they need to use your internal security services? They can access the solution provider's data center just as well (or better than) yours so let them. Look for security as a service solutions that try to improve the security process, not those that merely claim lowered TCO and fast ROI.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 12/07/2011 for the course COMP 7370 taught by Professor Qin,x during the Summer '08 term at Auburn University.

Page1 / 4

Security-as-a-Service - Cloud Computing Evaluating Security...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online