Security-as-a-Service - The next growth area for cloud computing?

Arguably, cloud computing is one of the fastest growing areas of the IT industry, with increasing numbers of companies subscribing to at least one internet-based service for their CRM, ERP or corporate email. As recession-hit businesses recognise they can access market-leading applications without the need for major capex investment, the cloud-based services sector is forecast to explode over the next three to five years.

Yet, despite the obvious cost savings and the elimination of the need for specialist in-house management expertise, the availability and take-up of in-the-cloud security services has been laggardly.

So why the discrepancy? There is no simple answer. One contributing factor is the lingering perception that a service provider environment is inherently less secure than the traditional corporate network infrastructure. Clearly, companies need to do due diligence when selecting a security partner, but the reality is that few have the expertise and resources in-house to match those of a specialist managed security services provider (MSSP).

A more fundamental reason preventing companies from moving to in-the-cloud security services is the lack of any affordable alternative to the typical CPE-based remote managed service offered by the managed services provider (MSP) sector. Such a service consumes significant resources and needs complex management processes and ongoing support for each customer. This is a less than ideal scenario for either party.

So why have MSSPs not embraced the security-as-a-service (SaaS) model as the obvious solution? The answer lies in the lack of scalable hardware platforms capable of supporting multiple customers and individual security policies. Cracking this has been the Holy Grail for MSPs and has the potential to unlock a massive market opportunity for the sector.

While there are a number of security appliances that can perform certain deep-packet inspection tasks well, up until now none has been able to offer the speed, granularity and scalability needed for cost-effective security services in any significant volume.

The initial attempts to scale enterprise-class security products to the service-based needs of MSPs have involved deploying these devices, typically firewall or IDP blades, in a chassis-based cluster, or by using shared-infrastructure virtualisation. None has resulted in a significant change in the economic model for SaaS. The schemes lack scalability and a mix of management, deployment and performance hurdles has proven a major barrier to take-up. With potentially thousands of customers, it is easy to see how such schemes quickly become unmanageable and commercially non-viable.

However, a new generation of high-performance security appliances with these specific design goals has entered the market. Programmable chip technology advances have led to the emergence of firmware-based processing techniques capable of supporting multiple security tasks for hundreds of individual customers on a single appliance without any impact on performance.

This FPGA-based technology represents a generational leap in high-speed, multi-tenant security appliances, raising the bar in scalability and enabling the MSP sector to re-think its business development strategies, particularly in the way that it delivers - and customers consume - security services in the future. The security appliance is finally effecting the transition from its single-customer enterprise roots to a multi-tenant service delivery architecture.

Replacing the traditional CPE managed-services model with an online menu of security services that can be self-provisioned as required on a fixed monthly fee basis, is highly attractive for most companies, not just from a budgetary perspective but also in terms of simplicity and convenience. With security threats growing, as well as the array of regulatory compliance questions, the prospect is even more appealing.

I predict it will lead to a rapid move from CPE to SaaS deployments, as more MSPs recognise the attractive ROI potential on offer.

See original article on scmagazineus.com