Businesses Move Security to the Cloud

An IT staff of two full-time people managing more than 100 users needs to take advantage of every cloud-based service that can help reduce costs and make the company more productive. That’s why The Sak Brand Group uses Panda Security’s Panda Cloud Office Protection.

“We run a lean operation,” says Roger Micone, systems administrator for the San Francisco–based handbag maker. “The Panda cloud product lets us protect our workstations while reducing overhead. It also lets us set up whitelists fairly easily.”

Micone says the company decided that it made more sense to have a cloud provider handle a simple, repetitive task such as upgrading antivirus software. “With all the threats that are out there today, it’s unrealistic to think that any antivirus software can do everything,” Micone says. “Panda does a great job with antivirus and malware protection.”

Phil Hochmuth, an analyst for IDC, says organizations such as The Sak Brand Group realize savings from running a cloud security service across hundreds or thousands of machines.

“There’s no physical patching or maintaining, and all the security gets managed centrally,” Hochmuth says. “In many ways, there’s more of an assurance that the staff are actually using the security features. Especially as organizations move to the bring-your-own-device model, these types of cloud-based security products make an unmanageable situation manageable.”

Mixed Use

Subscribing to a cloud security service requires a major leap of faith for any IT department. Banesco USA, a local community bank with six branches in South Florida, one in Puerto Rico and about 200 corporate users, decided to take a hybrid approach to cloud security.

Luis Rivas, the company’s network security officer, says because Banesco USA had great success with Check Point tools, management had confidence in the vendor when it opted for the security company’s Cloud Managed Security Service for intrusion prevention.

“With all the threats out there and the potential for financial data to be compromised, most financial organizations need a 24/7 cloud service like this today,” Rivas says.

Rivas says if the intrusion prevention system sees something suspicious, it opens a ticket and emails him. Conversely, if he sees something suspicious as he’s reviewing log data on the Check Point portal, he can launch a ticket that notifies the vendor’s staff that there may be an issue.

“What this does is add another layer of eyes and expertise to our team so that the security people at Check Point can be involved 24/7,” Rivas says. “The idea is for this to be a collaborative process.”