Changing Security As We Know It - Software as a Service (SaaS) Has Arrived Giving Rise to Plethora of Security Applications
Philippe Courtot, Chairman and CEO, Qualys, Inc.
We are entering into a new world. The rate of innovation is continuing to accelerate.
The Inconvenient Truth. 50% of corporate data resides unprotected on PC desktops and laptops. 1 out of 10 laptop computers will be lost or stolen within 12 months of purchase. 29.5 days - it takes on average to eliminate half of knows critical vulnerabilities on corporate networks. This is only a .5 day improvement.
Securing the enterprise is getting harder and harder.
Why is security so hard? To many variables, too may security patches, long software release cycle, technology is moving too fast. The burden is all on the enterprise.
The Cloud Computing Era
Software as a Service (SaaS). Infrastructure and Platform as a Service (IaaS, PaaS)
Cloud computing answers the IT business needs of agile, 21st century economies.
Why is it so disruptive? No IT resources needed, a delivery model that scales, disruptive business model, easier to select vendors.
One of the biggest advantages is the ability to quickly and inexpensively try things without a large capital expenditure.
The current financial situation is accelerating the adoption of cloud computing.
Why has adoption taken so long? resistance to change, Internet limitations, i.e. browsers, etc., Internet bubble (.com bust),
There is a tsunami of Enterprise SaaS solutions now coming to a browser near you.
What about security? A counter intuitive reality. Security can be made more granular and invisible in the cloud.
Why is this possible? Security can become part of the fabric.
What are the implications for the security industry? Accelerated consolidation. Major shift in buyers. Buyers of today are the enterprises, the buyers of tomorrow will be the cloud providers. Emergence of new players.
It is not about the survival of the fittest or the biggest, but of the one who adapts!
What are the implications for the security professional? Resistance is not an option anymore. We will be dealing with more complexity. Still have to deal with the current complexity and at the same time deal with the cloud.
What are the missing pieces? Technology: a more security and advanced browser, stronger authentication federated in the cloud, secure open protocols and standards. Legal: sla's, audits and compliance, privacy, location and ownership.
Closing with embrace the change.
{ 0 comments }