That was the message from analysts at a conference, “Gaining business and technical advantages from cloud, SaaS and hybrid security services,” held Thursday in New York, and sponsored by consultancy IDC.
Cloud security is sometimes being driven – along with the cost saving benefits it provides – by what analysts referred to as “appliance fatigue,” or the frustration of having to manage numerous on-premise security products.
But while some smaller organisations might ultimately replace all in-house solutions with cloud security services, the majority – especially larger organisations – see the technology as a complement to their existing solutions, analysts said.
Before turning to the cloud, though, corporate decision-makers must consider a number of factors, including what cost savings, scalability, reliability and functionality the third party will provide, said Brian Burke, program director of security products at IDC.
When evaluating moving to the cloud, security professionals should consider the cost of maintaining their current investments, potential changes to compliance regulations in the future, and whether the cost of a potential breach justifies the investment, analysts said.
Performance is one of the most important considerations for cloud security, and organisations must ensure that the vendor with which they contract has adequate internal protections to minimise latency and avoid disruptions in services. Burke warned that if latency is introduced, help desk calls could rise dramatically.
To combat this possibility, the cloud vendor should provide a service-level agreement to ensure reliability, analysts said.
In terms of functionality, businesses must realise that in today's environment, web and email threats are not mutually exclusive, so look for a cloud vendor which has expertise in both, Burke recommended. When looking to secure a virtualised environment in the cloud, choose a solution that provides a single console to manage all devices.
And, one of the key risk mitigation defenses is a multitenant architecture [different services with a shared code-base that appear different to end-users], though it requires high-speed routing, switching and load balancing, added Chris Christiansen, vice president of security products and services at IDC.
See original article on scmagazineus.com
Security considerations critical in the cloud
IT departments are increasingly realising the benefits of cloud security, but businesses must ask themselves a few questions before handing over control to a third-party.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
.png&h=140&w=231&c=1&s=0)
Partner Content
Ransomware targets Australian SME false sense of security
.png&h=140&w=231&c=1&s=0)
Partner Content
AI and quantum computing widen the machine identity security gap
Partner Content
What Embracing the AI Platform Shift Really Means
.png&h=140&w=231&c=1&s=0)
Partner Content
Machine identity a key priority for organisations’ security strategies: CyberArk
Sponsored Whitepapers
_page-0001.jpg&w=100&c=1&s=0)
Leverage Technologies: Industry-Tailored ERP Implementation for Growth and Compliance
.png&w=100&c=1&s=0)
Service Over Signatures: The Truth About No Lock-In IT
Wasabi Reveals Hidden Costs and Cloud Storage Shifts in ANZ for 2025
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
