There is a perception that people aren't ready for the cloud, and that cloud-based solutions only work in a high-bandwidth environment where Internet availability is critical.
This is the view of Jeremy Matthews, head of Panda Security sub-Saharan operations, who says: “In the Internet landscape, bandwidth is gold, and security is an overhead as an investment in technology and an operational cost.”
He says malware authors are changing the way they attack computer systems, and anti-virus vendors need to change the way they detect these attacks.
“The fabric of Panda has changed, as we have seen a seismic shift in computing,” says Matthews. “Anti-malware requires an adjustment to the core technologies behind them, requiring innovation in the security sector,” he states. “Where servers go, malware goes.”
Fundamental shift
“Corporate anti-virus has previously had a single point of reference and provides updates from a server-based environment. The approach has the architecture that there are management consoles and repositories where malware definitions are stored and passed along the network,” explains Matthews.
He says that with a cloud-based solution, there is a shift in the way anti-virus definitions are delivered, which reduces the overall complexity and cost.
“Cloud storage takes away that burden by placing the resources in the cloud, removing the requirement for that internal infrastructure, so there is no additional cost in purchasing servers, software licensing costs, or having administrators to manage them.
Gordon Love, regional director of Africa for Symantec, agrees, stating: “Cloud computing offers IT agility, instant expertise and resources at a cost-effective price.” He explains that there are a number of different cloud models - private, public, and partner - as well as hybrid clouds where various pieces of information are processed in different clouds.
“There is still the traditional or conventional anti-virus component though,” says Matthews. He explains that not all organisations have the same level of Internet connectivity, and so still require a good heuristics engine to combat against new threats.
Love is of the same opinion, stating that hybrid solutions help optimise companies with hosted services which enable customers to derive maximum value from their architecture through innovative hybrid deployment models.
“Operating expenses are reduced through the self-service model of cloud computing. For example, a company might select to do laptop backups to the cloud. This significantly reduces the support load of the IT organisation versus in-house deployment.” He lists the management of daily backups, tape, user requests for recovery as operational savings.
Matthews highlights that innovation lies in the distribution platform. “The technology works in a peer-to-peer fashion, with updates being pushed to machines across the local area network.” He says this ensures the anti-virus clients are updated in low-bandwidth environments.
Mobile workforce
“As more companies are moving to a mobile workforce, being able to secure users outside of the corporate network becomes prime,” says Matthews.
He adds that today's security is often handled with a 'pre-Internet' mindset, based on a hardwired world rather than outside the corporate space.
But this isn't true, Matthews says. “The mobile workforce is growing as devices become more powerful and are able to handle more tasks. Companies are also moving into outsourced infrastructures, where information is distributed among third parties and offsite servers.”
It is therefore critical to think of cloud-based security, so that no matter where employees are, they are protected, he argues.
This does not come without challenges, however. Matthews warns that enterprises are often stuck in the mindset that security must come from within the organisation. “The challenge lies in changing the mindset of the organisation,” he concludes.
Share