Increasingly, SMBs are recognizing centrally managed software-as-a-service (SaaS) solutions and cloud-based services as effective, inexpensive means of distributing applications to multiple employees. In theory, the concept is outstanding, but in practice less so – because not all endpoint SaaS solutions offer the same framework of capabilities.
Consider the example of anti-virus (AV) and anti-spam (AS) programs intended to protect the enterprise. Certain solutions provide security at all times and are easily integrated with other applications, while others are inconsistent on the security front and pose significant integration challenges. Some solutions feature only limited data center capabilities, cannot support the needs of large or growing businesses and have a limited installed base; others are quite the opposite.
For this reason, it makes sense for SMBs to slowly tread, rather than dive into, the SaaS waters. They should develop a keen understanding of available options and their benefits before making a final selection.
Security in the cloud: Which is the better solution?
SaaS solutions for security in the cloud enable companies to enjoy significant decreases in malware incidents, website compromises, data loss and data exposure, security-related downtime and audit deficiencies, according to a May 2010 study by the Aberdeen Group.
Security in the cloud also allows companies to meet hackers at the level where they initiate their attacks. The variety and volume of these attacks is growing exponentially, with more malware attacks in the past 18 to 24 months than in the past 18 years. Complicating matters is the increasing use and assortment of hardware enlisted by employees, managers, and customers to access company networks; this seemingly dizzying array ranges from PCs and laptops to iPhones, iPads, Blackberries and Android-enabled phones and tablets. IT faces the daunting task of attempting to secure the growing number of endpoint devices that employees are legitimately using.
Cloud-delivered security can do the job by securing, encrypting and archiving email. The cloud layer can also filter internet access to prevent network users from downloading unapproved content.
But rather than attempting to protect each device, the better strategy is to operate the enterprise’s security at the cloud layer, which acts as an umbrella of protection over all devices. This method beats attackers at their own game, as malware is no longer being downloaded to company’s network and eradicated there – a recipe for real disaster.
In short, security in the cloud provides protection anytime, anywhere, with more power and flexibility, but takes the heavy lifting away from the user.
By Phil Britt