Click here to close now.

Welcome!

Cloud Expo Authors: Pat Romanski, Liz McMillan, AppDynamics Blog, Carmen Gonzalez, Roger Strukhoff

Related Topics: Cloud Expo, Java, .NET, Linux, Virtualization, Security

Cloud Expo: Article

Analyzing the Top 10 Benefits of Unified Security

Providing collaborative intelligence from the cloud

Of all the strategies and tactics available to prevent breaches, deter data leakage and theft, control access and secure beyond the so-called network perimeter, the one that is emerging as an achievable and affordable best practice is that of unified security from the cloud.

But if you look across the web, you will no doubt come across various versions of what constitutes “unified,” what is “protected,” and, what is “security from the cloud?” Luckily this means that the concept of unified security from the cloud is becoming more and more of a best practice. In general, the practice of unified security is the centralization of all security functions under one umbrella across the enterprise. This means more than ensuring data encryption. It means more than access policies. It means more than intrusion detection, malware blocking, data review. It’s more than ensuring compliance to the various regulatory bodies that provide general guidelines. It is the sum of all these things… and more.

So what is unified security? In short, it is an enterprise-powered tactical strategy that not only centralizes various security toolsets, but creates the seamless means to create cooperative functionality between them all. And as a cloud-based security initiative, this creates several tangible benefits that will allow any-sized company to upgrade their protection, but expand their protection beyond the network-centric traditional models of perimeter security.

To properly expand visibility, unified security is typically comprised of several solutions including system log archiving (the collection and storage of all online activity), identity management (administration of users, passwords and applications), access management (enforcement of identity rules and channeled access to data) and SIEM (the  intelligence that correlates and contextualizes all activity).

True unified security is also more than the solutions it comprises; it includes the analysis, management, and the implementation of access and intelligence policies that transform it from passive to proactive and immediately responsive. And by developing and managing these security features, solutions and policies from the cloud is more than the obvious cost savings, it allows for the exponential expansion of  real time visibility over a broader landscape and facilitates a more secure transaction compatibility with the way modern enterprises exchange, process and share  information.

To that end, the following are 10 benefits of implementing unified security from the cloud.

10. Right size as the situation dictates – In today’s business landscape, change is often fast and evolutionary. Being able to keep up is a major challenge for IT and IT security. One of the hallmarks of a cloud-based implementation is the flexibility and agility to adjust its scope quickly and without the oppressive costs and time of a consultant or IT service. Considering the hoops of fire and Herculean strength needed to expand coverage to a new department or division, on-premise security initiatives may require the purchase of new expensive servers, resource-heavy reconfiguration and re-prioritization of core competency projects.   With the cloud’s natural economies of scale, these costs are already absorbed and changes are more fluid and immediate. And with unified security, it’s more than just applying a sensor or agent on a server to collect new data. The changes to right size affect more than a single solution, —you must consider the constant fluctuation of change within an enterprise-the ebb and flow of staffing, the adjustment of new, updated and retired applications, and all the moving parts that come with incorporating vendors, suppliers and customers into the permission and protection mix. Unified security from the cloud creates the freedom and necessary speed to evolve with a company’s changing situation on an as-needed basis without an Act of Congress while still ensuring the adjustments across all the entire security landscape.

9. Make compliance easier: One of the substantial drains of time and energy go into the process of proving to various regulatory bodies that various slices of data are free from prying keyboards. Some companies go so far as dedicating personnel to simply comb through logs and find and report upon instances of breach and questionable activities. As I’ve insisted many times before, this practice is akin to looking for the horse in a gigantic haystack long after its left the barn (no matter how often sys-logs are reviewed, it is done in a rear-view mirror. These are events that have already occurred. And the damage is already done).

When evaluating what organizations like PCI and HIPAA require, the scope is more than just continuous monitoring (see blog regarding continuous monitoring satisfies compliance, but not security). They require proof of compliance for everything from firewall configuration to vulnerability scans, from data storage protocols to the development of identity authentication, password management and access privileges. I've identified about 20 common critical controls that are typically required by all compliance agencies. Unified security consolidates all the capabilities so that the reporting is considerably more streamline and accessible. Instead of four or five solutions each requiring four or five reports, logins and the physical coordination, collection and review for reporting, compliance is achieved by an automated model (see the white paper Mapping Compliance Requirements). It is the multiple collaborative and concurrent layers of security that support the automations, create better accuracy and significantly reduce the time previously dedicated to compliance reporting.

8. Easier, faster to deploy and find ROI. Forrester noted that 73% of major software implementations don’t get past phase 1. Whether a result of scope creep, budget issues or flagging executive buy-in, the promise of ROI for on premise security initiatives are difficult; not to mention the drag on IT productivity and lack of measurable results. And it’s those results we depend on to drive ROI and solve the business need (see the article: Is your security initiative “one inch into a mile”? ) It’s no secret that way too many companies view security solutions as a “nice to have” luxury or a grudgingly purchased cost center. But this is a different business environment than even that of 5 years ago; beyond the drivers of compliance and industry required governance IT security must be built into the fabric of every online facet of the business. Ignore reality at your own peril.

Assuming that security investments are not simply a luxury, the question remains how do you find ROI in a prevention initiative? On-premise point solutions are expensive. There’s no getting around that fact. Installing them is expensive. Configuring them is expensive. Maintaining them is expensive. In fact, Gartner estimates the annual cost to own and manage traditional on-premise security software applications can be 4X the initial purchase. Each and every move is a significant bite out of the any potential ROI gain in productivity. It might be more than 3 years before the investment starts paying off in any tangible way. Now the cloud, especially the unified security configuration, removes all of the waiting time. As a multi-tenant deployment, there is no hardware to buy, no software to install. Your complex, planned multi-phased, multi-year rollout can be fused a single week (sometimes “installation-to-insight” in minutes). Therefore the cloud version is providing the immediate benefits and immediate returns. Moreover, unified cloud security removes the complexity in configuration, installation and deployment because it is already built and easily customized to fit any sized organization.

We’ll deal with cost later on, but in terms of ROI, because there are no capital expenditures and the ability to keep investment minimized and output maximized means you can realign resources based on immediate business needs. The ROI is the elimination of negative impact—no compliance fines, no trust-busting breaches while waiting for the system to be fully functional, reduced risks and liabilities may decrease various insurance costs, no employees slipping away unnoticed with a database of your customers, no having to put out malware fires, no excessive time management conflicts from multi-sourced coordination, no de-centralized shadow IT, etc..

7. Better safeguard against BYOD: It may be the buzzword of the moment, but it is a trend that will continue to proliferate. Employees are increasingly using their own potentially-unsanctioned devices (smart phones, tablets and other mobile devices) to access your network, applications and data. (Read the blog “The Genie, the bottle and BYOD).  Users love the mobility and the immediacy of these devices, but forget these devices are just hand-held computers prone to the same intrusions, attacks, viruses and risks as the computers used in the office. The larger problem is many users don’t see that, so every time they sign on to your network or download an app, it creates a wider and wider vulnerability gap for the enterprise network. However, by implementing unified security (that includes access control and identity management), you can minimize what an employee (or supplier, partner or any other group) can see and what tools they can access. Additionally unified security policies can create an alert every time one of these unsanctioned devices tries to access the enterprise. Based on your protocols and administrative policies, the system can grant access or block for these mobile devices. It is one way in which identity management, access management; log management and SIEM work seamlessly together and prevent unwarranted access or careless usage issues.

6. Security-as-a-service offers continuous tribal knowledge (expertise) without adding headcount. One of the constant impediments to shrinking the vulnerability gap is recruiting and retaining the specific type of talent necessary to maintain an enterprise-level security initiative. But The MSPAlliance reports that the unemployment rate for such professionals is less than 1%--and the salary for these specialists has doubled in the past three years. Security-as-a-service is the “secret” value-add that accompanies a cloud-based deployment.  Having an expert that understands more than what a denial of service/brute force attack looks like can be invaluable; one that knows how to read in between the lines; that understands context and can trigger an alert or dismiss a possible threat as harmless—and to do it without any additional personnel costs to a company is a huge benefit.

We will be continuing this list next week with our entries of 5 through our number one benefit. However, in case you can’t wait, here’s a preview...

5. Control applications and who gets to use them

4. Know what’s happening faster, more completely

3. Real time actionable information

2. One single, centralized management component

1. More protection, less cost

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@CloudExpo Stories
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada...
SYS-CON Events announced today the IoT Bootcamp – Jumpstart Your IoT Strategy, being held June 9–10, 2015, in conjunction with 16th Cloud Expo and Internet of @ThingsExpo at the Javits Center in New York City. This is your chance to jumpstart your IoT strategy. Combined with real-world scenarios and use cases, the IoT Bootcamp is not just based on presentations but includes hands-on demos and walkthroughs. We will introduce you to a variety of Do-It-Yourself IoT platforms including Arduino, Ras...
SYS-CON Events announced today the DevOps Foundation Certification Course, being held June ?, 2015, in conjunction with DevOps Summit and 16th Cloud Expo at the Javits Center in New York City, NY. This sixteen (16) hour course provides an introduction to DevOps – the cultural and professional movement that stresses communication, collaboration, integration and automation in order to improve the flow of work between software developers and IT operations professionals. Improved workflows will res...
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The best mobile applications are augmented by dedicated servers, the Internet and Cloud services. Mobile developers should focus on one thing: writing the next socially disruptive viral app. Thanks to the cloud, they can focus on the overall solution, not the underlying plumbing. From iOS to Android and Windows, developers can leverage cloud services to create a common cross-platform backend to persist user settings, app data, broadcast notifications, run jobs, etc. This session provide...
SYS-CON Events announced today that Soha will exhibit at SYS-CON's DevOps Summit New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Soha delivers enterprise-grade application security, on any device, as agile as the cloud. This turnkey, cloud-based service enables customers to solve secure application access and delivery challenges that traditional or virtualized network solutions cannot solve because they are too expensive, inflexible and operational...
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch ...
Health care systems across the globe are under enormous strain, as facilities reach capacity and costs continue to rise. M2M and the Internet of Things have the potential to transform the industry through connected health solutions that can make care more efficient while reducing costs. In fact, Vodafone's annual M2M Barometer Report forecasts M2M applications rising to 57 percent in health care and life sciences by 2016. Lively is one of Vodafone's health care partners, whose solutions enable o...
SYS-CON Events announced today that Ciqada will exhibit at SYS-CON's @ThingsExpo, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Ciqada™ makes it easy to connect your products to the Internet. By integrating key components - hardware, servers, dashboards, and mobile apps - into an easy-to-use, configurable system, your products can quickly and securely join the internet of things. With remote monitoring, control, and alert messaging capability, you will mee...
of cloud, colocation, managed services and disaster recovery solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. TierPoint, LLC, is a leading national provider of information technology and data center services, including cloud, colocation, disaster recovery and managed IT services, with corporate headquarters in St. Louis, MO. TierPoint was formed through the strategic combination of some of t...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
Public Cloud IaaS started it's life in the developer and startup communities and has grown rapidly to a $20B+ industry, but it still pales in comparison to how much is spent worldwide on IT: $3.6 trillion. In fact, there are 8.6 million data centers worldwide, the reality is many small and medium sized business have server closets and colocation footprints filled with servers and storage gear. While on-premise environment virtualization may have peaked at 75%, the Public Cloud has lagged in ado...
Dave will share his insights on how Internet of Things for Enterprises are transforming and making more productive and efficient operations and maintenance (O&M) procedures in the cleantech industry and beyond. Speaker Bio: Dave Landa is chief operating officer of Cybozu Corp (kintone US). Based in the San Francisco Bay Area, Dave has been on the forefront of the Cloud revolution driving strategic business development on the executive teams of multiple leading Software as a Services (SaaS) ap...
SYS-CON Events announced today that GENBAND, a leading developer of real time communications software solutions, has been named “Silver Sponsor” of SYS-CON's WebRTC Summit, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. The GENBAND team will be on hand to demonstrate their newest product, Kandy. Kandy is a communications Platform-as-a-Service (PaaS) that enables companies to seamlessly integrate more human communications into their Web and mobile applicatio...
SYS-CON Events announced today that BroadSoft, the leading global provider of Unified Communications and Collaboration (UCC) services to operators worldwide, has been named “Gold Sponsor” of SYS-CON's WebRTC Summit, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. BroadSoft is the leading provider of software and services that enable mobile, fixed-line and cable service providers to offer Unified Communications over their Internet Protocol networks. The Compa...
ProfitBricks, the provider of painless cloud infrastructure for IaaS, today announced the release of a Node.js SDK written against its recently launched REST API. This new JavaScript based library provides coverage for all existing ProfitBricks REST API functions. With additional libraries set to release this month, ProfitBricks continues to prove its dedication to the DevOps community and commitment to making cloud migrations and cloud management painless. Node.js is an open source, cross-pl...
ProfitBricks has launched its new DevOps Central and REST API, along with support for three multi-cloud libraries and a Python SDK. This, combined with its already existing SOAP API and its new RESTful API, moves ProfitBricks into a position to better serve the DevOps community and provide the ability to automate cloud infrastructure in a multi-cloud world. Following this momentum, ProfitBricks has also introduced several libraries that enable developers to use their favorite language to code ...
What exactly is a cognitive application? In her session at 16th Cloud Expo, Ashley Hathaway, Product Manager at IBM Watson, will look at the services being offered by the IBM Watson Developer Cloud and what that means for developers and Big Data. She'll explore how IBM Watson and its partnerships will continue to grow and help define what it means to be a cognitive service, as well as take a look at the offerings on Bluemix. She will also check out how Watson and the Alchemy API team up to off...
The IoT Bootcamp is coming to Cloud Expo | @ThingsExpo on June 9-10 at the Javits Center in New York. Instructor. Registration is now available at http://iotbootcamp.sys-con.com/ Instructor Janakiram MSV previously taught the famously successful Multi-Cloud Bootcamp at Cloud Expo | @ThingsExpo in November in Santa Clara. Now he is expanding the focus to Janakiram is the founder and CTO of Get Cloud Ready Consulting, a niche Cloud Migration and Cloud Operations firm that recently got acquir...
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding bu...