A vendor just released what it calls a "cloud-based endpoint security solution" for the enterprise. I've seen a number of similar offerings recently that offer network scanning, configuration management and the like, but I'm concerned about things like availability, latency and, frankly, overall reliability. Is this the wave of the future, or do I have a legitimate concern with any cloud endpoint security service that promises to secure enterprise endpoints?
I am a big fan of cloud-based security services and while I haven’t used such a product for endpoint security yet, there isn’t any inherent reason to avoid them. In fact, I would not be surprised to see these sorts of cloud security services become commonly used by enterprises in the coming years. I’ve already seen some successful deployments of cloud-based vulnerability scanning and log monitoring products and I suspect endpoint management might be next.
First of all, it’s important to consider what part of the endpoint product actually resides in the cloud. When dealing with endpoint security, organizations must have some agent present on the remote device to provide robust antivirus, firewall and other security controls. Unless there’s some major breakthrough in security technology, this requirement won’t go away. It also resolves the latency and availability issues that are common if the actual scanning is occurring on the endpoint.
Management of these products is where the cloud holds great potential. In my opinion, security professionals spend too much time tinkering with security products to make them work properly; as a result, they don’t get to spend enough time on valuable activities such as analyzing suspected intrusions and proactively designing security controls. By leveraging economies of scale, cloud-based providers can reduce the total amount of time spent tinkering and clear these mundane activities from the plates of the folks “on the ground.”
Imagine if an enterprise never had to upgrade its malware management system again. Instead of spending time installing software patches and maintaining hardware, it would be able to spend that time using a cloud-based console to analyze malware trends within the organization; identifying and remediating the root causes of infections. That’s my kind of world!
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.