A vendor just released what it calls a "cloud-based endpoint security solution" for the enterprise. I've seen a...
number of similar offerings recently that offer network scanning, configuration management and the like, but I'm concerned about things like availability, latency and, frankly, overall reliability. Is this the wave of the future, or do I have a legitimate concern with any cloud endpoint security service that promises to secure enterprise endpoints?
I am a big fan of cloud-based security services and while I haven’t used such a product for endpoint security yet, there isn’t any inherent reason to avoid them. In fact, I would not be surprised to see these sorts of cloud security services become commonly used by enterprises in the coming years. I’ve already seen some successful deployments of cloud-based vulnerability scanning and log monitoring products and I suspect endpoint management might be next.
First of all, it’s important to consider what part of the endpoint product actually resides in the cloud. When dealing with endpoint security, organizations must have some agent present on the remote device to provide robust antivirus, firewall and other security controls. Unless there’s some major breakthrough in security technology, this requirement won’t go away. It also resolves the latency and availability issues that are common if the actual scanning is occurring on the endpoint.
Management of these products is where the cloud holds great potential. In my opinion, security professionals spend too much time tinkering with security products to make them work properly; as a result, they don’t get to spend enough time on valuable activities such as analyzing suspected intrusions and proactively designing security controls. By leveraging economies of scale, cloud-based providers can reduce the total amount of time spent tinkering and clear these mundane activities from the plates of the folks “on the ground.”
Imagine if an enterprise never had to upgrade its malware management system again. Instead of spending time installing software patches and maintaining hardware, it would be able to spend that time using a cloud-based console to analyze malware trends within the organization; identifying and remediating the root causes of infections. That’s my kind of world!
Dig Deeper on Secure SaaS: Cloud services and systems
Related Q&A from Mike Chapple
Are nonprofit organizations, like higher education institutions, subject to FTC cybersecurity regulations and oversight? Expert Mike Chapple explains.continue reading
It's important for healthcare organizations to have a clear social media policy. Expert Mike Chapple explains what needs to be in the policy to stay ...continue reading
SOC 2 evaluations can be helpful tools for organizations assessing their HIPAA compliance, but companies should not solely rely on them. Compliance ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.