Although there are still concerns expressed by companies and individuals regarding cloud security, there is a great deal of variability in their legitimacy. Paul Rubens wrote on eSecurity Planet that the cloud, while it has not eliminated cyber threats, has given businesses a powerful new weapon for effectively fighting it, even when they may not have the biggest IT department in the world.
:But has cloud security technology lived up to this hype? The answer is that while it hasn't got every cybercriminal on the run, it certainly provides formidable weapons for organizations to use in the constant struggle against them," he wrote on the website. "The most visible use of cloud security technology is for endpoint protection – in the anti-virus clients that run (or should run) on every desktop and laptop computer. Most of the major anti-virus security vendors now offer a cloud-based component to their products, and these can certainly make life more difficult for cybercriminals."
In fact, many companies are already starting to use a cloud-based approach to security. Rubens wrote on eSecurity that this can help reduce the amount of money companies spend on software licenses and security appliances, as the cloud is much less expensive than buying new hardware and software, and also helps reduce the administrative burden companies would otherwise have. With a security system in place that would be running on-premise, there would potentially be a number of small, nagging costs and tasks, but with cloud-based security, the service provider can do the lion's share of the company's security work.
With anti-malware scanning, web filtering, data loss prevention and more in the cloud, companies may be able to feel even more safe with their data in the cloud than simply on their services. Rubens said the cloud can also help to play a role in lessening the impact distributed denial-of-service attacks can have on an organization.
"By their nature DDoS attacks involve massive amounts of traffic which overwhelm Internet-facing servers in a corporate data center or hosting provider's facilities," he wrote. "Companies … operate cloud-based DDoS-mitigation platforms and a network of global scrubbing centers."
Robert Scheier wrote on CSO Online that comparing cloud security to internally run IT infrastructures can give a lot more attention to network firewalls, load balancing, network address translations and other areas where on-premise security may fall short. With a cloud solution in place, companies gain access to automated security tools which are likely more efficient and reliable than most legacy alternatives.
Cloud Security News from SimplySecurity.com by Trend Micro.
