We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Cloud Talk

Andre Yee

Why Security Needs to Move into the Cloud

Vote 0 Votes

When it comes to adopting SaaS and cloud based services, security remains a concern. In an IDC survey of 244 CIOs/executives, 74.6% of respondents listed security as a primary challenge, followed by performance (63.1 % respondents) and availability (63.1%).

For anyone tracking the conversation on enterprise SaaS or cloud services adoption, this is hardly groundbreaking news. With the lack of established global security standards, many are concerned with whether SaaS vendors will actually provide adequate security measures. Others are troubled by the possibility of malware infiltrating and mass-proliferating within the cloud services infrastructure. Unfortunately, some cloud service providers like Amazon aren't exactly building "consumer confidence" by their neglect in addressing glaring vulnerabilities but that's probably a blog post for another day.

Yet, I'll maintain that these concerns are just scratching the surface. There are other radically significant security concerns that are emerging from confluence of the SaaS/cloud services model and end user mobility. This confluence has resulted in the functional loss of perimeter control for most enterprises today.

Here's what I mean -

In your typical traditional enterprise (just a mere 5+ years ago), most applications and end users were on premise. Your security architecture was designed and constructed with that in mind. Most organizations invested millions in firewalls, IDS, behavior based threat prevention systems, etc...

Today, ubiquitous mobility together with the wide adoption of SaaS applications makes the former security infrastructure as porous as a sieve. Your typical corporate sales manager is no longer sitting at his desk accessing an on-premise client database. More likely, he/she is sitting in at Panera or Starbucks accessing a SaaS application like Salesforce or Eloqua. In this scenario, critical corporate information is transmitted from the SaaS vendor to the end user, completely bypassing the aforementioned corporate security infrastructure.

Yes, I know - some companies do tackle this "mobility backdoor" by routing the traffic back into the corporate network and out again but most do not. Many don't even understand the problem.

The point is this - the future is all about cloud based security services and the future is NOW.

Andre Yee blogs about cloud computing, SaaS, Web 2.0 and other emerging technologies that matter to businesses.

Andre Yee

Andre Yee is an entrepreneur and technologist with nearly 20 years of experience in the business of technology.

Recently Commented On


Monthly Archives