Increasingly, SMBs are recognizing centrally managed software-as-a-service (SaaS) solutions and cloud-based services as effective, inexpensive means of distributing applications to multiple employees. In theory, the concept is outstanding, but in practice less so – because not all endpoint SaaS solutions offer the same framework of capabilities.
Consider the example of anti-virus (AV) and anti-spam (AS) programs intended to protect the enterprise. Certain solutions provide security at all times and are easily integrated with other applications, while others are inconsistent on the security front and pose significant integration challenges. Some solutions feature only limited data center capabilities, cannot support the needs of large or growing businesses and have a limited installed base; others are quite the opposite.
For this reason, it makes sense for SMBs to slowly tread, rather than dive into, the SaaS waters. They should develop a keen understanding of available options and their benefits before making a final selection.
Security in the cloud: Which is the better solution?
The true purpose of SaaS AV or SaaS AS in the cloud is full-time protection, regardless of size or growth of the company. The benefits of using such solutions include:
Complete protection of sensitive data
Storage and bandwidth savings, with spam and other malware handled off-network so as to avoid taxing available systems
Lower help-desk costs as IT teams spend less time fixing damage caused by spam, viruses and other malware attacks
The ability to control and ensure that security measures like password protocols, firewalls, and security patches are up to date, as well as to inform staff of the latest security threats and strategies used by hackers
Layered authorization, restricting customer and employee access to some of the network and permitting wider access for managers
Ability to route all network requests, such as email and server access, through a centralized, protected connection that stays up-to-date with the latest security protocols, blocking any threats before they get to the network
SaaS solutions for security in the cloud enable companies to enjoy significant decreases in malware incidents, website compromises, data loss and data exposure, security related downtime and audit deficiencies, according to a May 2010 study by the Aberdeen Group.
Security in the cloud also allows companies to meet hackers at the level where they initiate their attacks. The variety and volume of these attacks is growing exponentially, with more malware attacks in the past 18 to 24 months than in the past 18 years. Complicating matters is the increasing use and assortment of hardware enlisted by employees, managers, and customers to access company networks; this seemingly dizzying array ranges from PCs and laptops to iPhones, iPads, Blackberries and Android-enabled phones and tablets. IT faces the daunting task of attempting to secure the growing number of endpoint devices that employees are legitimately using.
Cloud-delivered security can do the job by securing, encrypting and archiving email. The cloud layer can also filter internet access to prevent network users from downloading unapproved content.
But rather than attempting to protect each device, the better strategy is to operate the enterprise’s security at the cloud layer, which acts as an umbrella of protection over all devices. This method beats attackers at their own game, as malware is no longer being downloaded to the company’s network and eradicated there – a recipe for real disaster.
In short, security in the cloud provides protection anytime, anywhere, with more power and flexibility, but takes the heavy lifting away from the user.