Businesses Move Security to the Cloud
An IT staff of two full-time people managing more than 100 users needs to take advantage of every cloud-based service that can help reduce costs and make the company more productive. That’s why The Sak Brand Group uses Panda Security’s Panda Cloud Office Protection.
“We run a lean operation,” says Roger Micone, systems administrator for the San Francisco–based handbag maker. “The Panda cloud product lets us protect our workstations while reducing overhead. It also lets us set up whitelists fairly easily.”
Micone says the company decided that it made more sense to have a cloud provider handle a simple, repetitive task such as upgrading antivirus software. “With all the threats that are out there today, it’s unrealistic to think that any antivirus software can do everything,” Micone says. “Panda does a great job with antivirus and malware protection.”
The percentage of organizations surveyed that are at least discussing cloud services
SOURCE: “Avoiding the Hidden Costs of the Cloud: Global Results” (Symantec, 2013)
Phil Hochmuth, an analyst for IDC, says organizations such as The Sak Brand Group realize savings from running a cloud security service across hundreds or thousands of machines.
“There’s no physical patching or maintaining, and all the security gets managed centrally,” Hochmuth says. “In many ways, there’s more of an assurance that the staff are actually using the security features. Especially as organizations move to the bring-your-own-device model, these types of cloud-based security products make an unmanageable situation manageable.”
Subscribing to a cloud security service requires a major leap of faith for any IT department. Banesco USA, a local community bank with six branches in South Florida, one in Puerto Rico and about 200 corporate users, decided to take a hybrid approach to cloud security.
Luis Rivas, the company’s network security officer, says because Banesco USA had great success with Check Point tools, management had confidence in the vendor when it opted for the security company’s Cloud Managed Security Service for intrusion prevention.
“With all the threats out there and the potential for financial data to be compromised, most financial organizations need a 24/7 cloud service like this today,” Rivas says.
Rivas says if the intrusion prevention system sees something suspicious, it opens a ticket and emails him. Conversely, if he sees something suspicious as he’s reviewing log data on the Check Point portal, he can launch a ticket that notifies the vendor’s staff that there may be an issue.
“What this does is add another layer of eyes and expertise to our team so that the security people at Check Point can be involved 24/7,” Rivas says. “The idea is for this to be a collaborative process.”
IDC Analyst Phil Hochmuth identifies four trends that are driving security software as a service (SaaS) deployments.
- Mobility and the consumerization of IT: As more people bring devices to the workplace, IT departments tend to lose control. By giving IT pros the ability to centrally manage security, SaaS offerings will help them protect mobile data more effectively.
- The growing importance of identity and access management: The more organizations depend on mobility and remote access, the more IT departments will find identity and access management services critical for maintaining data security and control.
- The emergence of hybrid security models: While most large organizations manage most of their security in-house, IT shops will increasingly turn to cloud-based services such as Trend Micro’s Web Reputation Services, which maintains a list of infected websites in the cloud and blocks users from accessing them.
- Cost-saving pressures: Organizations seek to offset the overhead of managing basic security services such as antivirus and antimalware by sending them to the cloud. SaaS technologies will continue to offer lower deployment and operational costs than on-premises solutions.