A vendor just released what it calls a "cloud-based endpoint security solution" for the enterprise. I've seen a...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
number of similar offerings recently that offer network scanning, configuration management and the like, but I'm concerned about things like availability, latency and, frankly, overall reliability. Is this the wave of the future, or do I have a legitimate concern with any cloud endpoint security service that promises to secure enterprise endpoints?
I am a big fan of cloud-based security services and while I haven’t used such a product for endpoint security yet, there isn’t any inherent reason to avoid them. In fact, I would not be surprised to see these sorts of cloud security services become commonly used by enterprises in the coming years. I’ve already seen some successful deployments of cloud-based vulnerability scanning and log monitoring products and I suspect endpoint management might be next.
First of all, it’s important to consider what part of the endpoint product actually resides in the cloud. When dealing with endpoint security, organizations must have some agent present on the remote device to provide robust antivirus, firewall and other security controls. Unless there’s some major breakthrough in security technology, this requirement won’t go away. It also resolves the latency and availability issues that are common if the actual scanning is occurring on the endpoint.
Management of these products is where the cloud holds great potential. In my opinion, security professionals spend too much time tinkering with security products to make them work properly; as a result, they don’t get to spend enough time on valuable activities such as analyzing suspected intrusions and proactively designing security controls. By leveraging economies of scale, cloud-based providers can reduce the total amount of time spent tinkering and clear these mundane activities from the plates of the folks “on the ground.”
Imagine if an enterprise never had to upgrade its malware management system again. Instead of spending time installing software patches and maintaining hardware, it would be able to spend that time using a cloud-based console to analyze malware trends within the organization; identifying and remediating the root causes of infections. That’s my kind of world!
Dig Deeper on Secure SaaS: Cloud services and systems
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.