@CloudExpo Authors: Elizabeth White, Zakia Bouachraoui, Liz McMillan, Yeshim Deniz, Pat Romanski

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security, @DXWorldExpo, SDN Journal

@CloudExpo: Article

Selecting Cloud Security Brokers: 'All-in-One' or 'Best-of-Breed'?

A solution that 'concentrates on robust functionality' in a critical new area or an offering that’s a 'mile wide & inch deep'?

When we set out to build the PerspecSys Cloud Data Control Gateway, we faced an important design decision: would the market prefer an "All-in-One" or a "Best-of-Breed" Cloud Security Broker?

In the "All-in-One" camp, IT professionals have come to learn that the bundled modules from a single vendor have significant gaps in features that frequently lead to critical capability holes with implications ranging from operational scalability to compliance and security. Failing to address these shortcomings can be devastating for companies, potentially leading to financial loss and brand damage. This is because "All-in-One" products tempt enterprises by offering multiple solutions, many of which the customer was not even considering using. Most of these complimentary modules do not make any of the industry-validated lists (e.g., Gartner Magic Quadrants) for capability or quality, and as a result are frequently not even mentioned in research or analyst rankings.

Most organizations we talk to have already decided on their enterprise requirements, and made their selections of robust Encryption and Key Management, Single Sign-on (SSO), Malware Detection, Secure Web Gateway (SWG), Data Loss Prevention (DLP), and so on as they tackled these issues in the maturation of their security infrastructure. For example, CIOs tell us "don't give me another encryption system to manage" - they share with us that they want to maximize their existing IT investments and deploy the encryption modules they have vetted and trust from their preferred vendors within our Cloud Data Control Gateway solution.

When Cloud applications were used experimentally or with low value corporate information, having weaker solutions acting as the security umbrella was perhaps not as important. However, as these applications scale to meet enterprise needs and the cloud is forced to handle increasingly important (and sensitive) information, they need to fit with the trusted security approaches already deployed within the enterprise's ecosystem.

As the enterprise Cloud Security Broker space has evolved and organizations began defining reference architectures, cloud computing and interoperability standards, this has made it financially and operationally viable for an enterprise to choose the world's best product/service for each of their critical needs - for every user and for every use case. Organizations no longer had to sacrifice functionality and inferior products for the sake of integration.

When we researched this and considered the data, "Best-of-Breed" become the obvious answer to PerspecSys, which provides an open framework to our ApprotexTM Cloud Data Control Gateway platform to plug in third-party enterprise components. And here's why:

  • Leverage existing IT investments: Lower cost, proven performance, well vetted within the organization and the industry. This leads to operational efficiencies and expanded field of use, as enterprises reduce/optimize the number of systems that do the same thing.
  • Feature rich: The best-of-breed components from specialized vendors deliver deep capabilities that lead to increased productivity and efficiency.
  • Ease of implementation: IT products are likely already deployed and in use from specialty vendors who, through focus, are more agile. With Best-of-Breed there is no need to deploy the same technologies as those already deployed (and trained on) within IT.
  • Future proof: Minimize functional gaps in the future as each specialized vendor continues to innovate and add rich capabilities.
  • Improved interoperability: Best-of-Breed "independence" requires flexibility to integrate into other systems. The cloud, with its open, flexible SOA-based (service-oriented architecture) application means that integration is far easier and less expensive to manage. Cloud software is built to integrate, interoperate and exchange information.
  • Better support: Each vendor brings deep expertise in their chosen area, giving the enterprise options in how to maximize their capabilities as a consequence. The Best-of-Breed approach is significantly more flexible and changeable over time. You can upgrade individual components without impacting other functions. Plus, as new technologies emerge they can be integrated into the overall solution.
  • No vendor lock-in: You can choose to replace a module if it becomes too expensive, obsolete, or integrity is compromised. In the end, the enterprise is not forced to accept inferior solutions.

As enterprises make their Cloud Data Control Gateway decisions, will they be choosing based on a "sharp focus on a core competency" or will it be based on a "boiling the ocean" approach? A solution that "concentrates on robust functionality" in a critical new area or an offering that's a "mile wide & inch deep"? A package that "plays nice" with the enterprise security ecosystem or one that tries to replicate existing specialized security products and creates friction? Organizations that yearn for freedom of choice and the flexibility to create their own suite of "Best-of-Breed" products from any number of vendors, their time is here.

Read the original blog entry...

More Stories By David Canellos

David Canellos is a security veteran who is now President and CEO of PerspecSys. An entrepreneur specializing in bringing innovative security and privacy solutions to market, he has been instrumental in establishing PerspecSys as the leader in the Cloud data Protection Gateway market.

Before joining PerspecSys, David held executive positions at Irdeto Worldwide, which acquired the company he led, Cloakware, which was a pioneer in encryption and digital rights management. Before joining Cloakware, he was the General Manager and Vice President of Sales for Cramer Systems (now Amdocs), a UK-based company, where he was responsible for the company’s revenue and operations in the Americas. Prior to his work with Cramer, David held a variety of executive, sales management and business development positions with the Oracle Corporation, Versatility and SAIC.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

CloudEXPO Stories
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and share the must-have mindsets for removing complexity from the development process, accelerate application delivery times, and ensure that developers will become heroes (not bottlenecks) in the IoT revolution.
DevOps with IBMz? You heard right. Maybe you're wondering what a developer can do to speed up the entire development cycle--coding, testing, source code management, and deployment-? In this session you will learn about how to integrate z application assets into a DevOps pipeline using familiar tools like Jenkins and UrbanCode Deploy, plus z/OSMF workflows, all of which can increase deployment speeds while simultaneously improving reliability. You will also learn how to provision mainframe system as cloud-like service.
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing at Cloudera, covered the ins and outs of Hadoop, and how it can help cloud-based businesses.