Welcome!

Linux Authors: Yeshim Deniz, Carmen Gonzalez, Pat Romanski, Phil Whelan, David Dossot

Related Topics: Cloud Expo, Java, .NET, Linux, Virtualization, Security

Cloud Expo: Article

Analyzing the Top 10 Benefits of Unified Security

Providing collaborative intelligence from the cloud

Of all the strategies and tactics available to prevent breaches, deter data leakage and theft, control access and secure beyond the so-called network perimeter, the one that is emerging as an achievable and affordable best practice is that of unified security from the cloud.

But if you look across the web, you will no doubt come across various versions of what constitutes “unified,” what is “protected,” and, what is “security from the cloud?” Luckily this means that the concept of unified security from the cloud is becoming more and more of a best practice. In general, the practice of unified security is the centralization of all security functions under one umbrella across the enterprise. This means more than ensuring data encryption. It means more than access policies. It means more than intrusion detection, malware blocking, data review. It’s more than ensuring compliance to the various regulatory bodies that provide general guidelines. It is the sum of all these things… and more.

So what is unified security? In short, it is an enterprise-powered tactical strategy that not only centralizes various security toolsets, but creates the seamless means to create cooperative functionality between them all. And as a cloud-based security initiative, this creates several tangible benefits that will allow any-sized company to upgrade their protection, but expand their protection beyond the network-centric traditional models of perimeter security.

To properly expand visibility, unified security is typically comprised of several solutions including system log archiving (the collection and storage of all online activity), identity management (administration of users, passwords and applications), access management (enforcement of identity rules and channeled access to data) and SIEM (the  intelligence that correlates and contextualizes all activity).

True unified security is also more than the solutions it comprises; it includes the analysis, management, and the implementation of access and intelligence policies that transform it from passive to proactive and immediately responsive. And by developing and managing these security features, solutions and policies from the cloud is more than the obvious cost savings, it allows for the exponential expansion of  real time visibility over a broader landscape and facilitates a more secure transaction compatibility with the way modern enterprises exchange, process and share  information.

To that end, the following are 10 benefits of implementing unified security from the cloud.

10. Right size as the situation dictates – In today’s business landscape, change is often fast and evolutionary. Being able to keep up is a major challenge for IT and IT security. One of the hallmarks of a cloud-based implementation is the flexibility and agility to adjust its scope quickly and without the oppressive costs and time of a consultant or IT service. Considering the hoops of fire and Herculean strength needed to expand coverage to a new department or division, on-premise security initiatives may require the purchase of new expensive servers, resource-heavy reconfiguration and re-prioritization of core competency projects.   With the cloud’s natural economies of scale, these costs are already absorbed and changes are more fluid and immediate. And with unified security, it’s more than just applying a sensor or agent on a server to collect new data. The changes to right size affect more than a single solution, —you must consider the constant fluctuation of change within an enterprise-the ebb and flow of staffing, the adjustment of new, updated and retired applications, and all the moving parts that come with incorporating vendors, suppliers and customers into the permission and protection mix. Unified security from the cloud creates the freedom and necessary speed to evolve with a company’s changing situation on an as-needed basis without an Act of Congress while still ensuring the adjustments across all the entire security landscape.

9. Make compliance easier: One of the substantial drains of time and energy go into the process of proving to various regulatory bodies that various slices of data are free from prying keyboards. Some companies go so far as dedicating personnel to simply comb through logs and find and report upon instances of breach and questionable activities. As I’ve insisted many times before, this practice is akin to looking for the horse in a gigantic haystack long after its left the barn (no matter how often sys-logs are reviewed, it is done in a rear-view mirror. These are events that have already occurred. And the damage is already done).

When evaluating what organizations like PCI and HIPAA require, the scope is more than just continuous monitoring (see blog regarding continuous monitoring satisfies compliance, but not security). They require proof of compliance for everything from firewall configuration to vulnerability scans, from data storage protocols to the development of identity authentication, password management and access privileges. I've identified about 20 common critical controls that are typically required by all compliance agencies. Unified security consolidates all the capabilities so that the reporting is considerably more streamline and accessible. Instead of four or five solutions each requiring four or five reports, logins and the physical coordination, collection and review for reporting, compliance is achieved by an automated model (see the white paper Mapping Compliance Requirements). It is the multiple collaborative and concurrent layers of security that support the automations, create better accuracy and significantly reduce the time previously dedicated to compliance reporting.

8. Easier, faster to deploy and find ROI. Forrester noted that 73% of major software implementations don’t get past phase 1. Whether a result of scope creep, budget issues or flagging executive buy-in, the promise of ROI for on premise security initiatives are difficult; not to mention the drag on IT productivity and lack of measurable results. And it’s those results we depend on to drive ROI and solve the business need (see the article: Is your security initiative “one inch into a mile”? ) It’s no secret that way too many companies view security solutions as a “nice to have” luxury or a grudgingly purchased cost center. But this is a different business environment than even that of 5 years ago; beyond the drivers of compliance and industry required governance IT security must be built into the fabric of every online facet of the business. Ignore reality at your own peril.

Assuming that security investments are not simply a luxury, the question remains how do you find ROI in a prevention initiative? On-premise point solutions are expensive. There’s no getting around that fact. Installing them is expensive. Configuring them is expensive. Maintaining them is expensive. In fact, Gartner estimates the annual cost to own and manage traditional on-premise security software applications can be 4X the initial purchase. Each and every move is a significant bite out of the any potential ROI gain in productivity. It might be more than 3 years before the investment starts paying off in any tangible way. Now the cloud, especially the unified security configuration, removes all of the waiting time. As a multi-tenant deployment, there is no hardware to buy, no software to install. Your complex, planned multi-phased, multi-year rollout can be fused a single week (sometimes “installation-to-insight” in minutes). Therefore the cloud version is providing the immediate benefits and immediate returns. Moreover, unified cloud security removes the complexity in configuration, installation and deployment because it is already built and easily customized to fit any sized organization.

We’ll deal with cost later on, but in terms of ROI, because there are no capital expenditures and the ability to keep investment minimized and output maximized means you can realign resources based on immediate business needs. The ROI is the elimination of negative impact—no compliance fines, no trust-busting breaches while waiting for the system to be fully functional, reduced risks and liabilities may decrease various insurance costs, no employees slipping away unnoticed with a database of your customers, no having to put out malware fires, no excessive time management conflicts from multi-sourced coordination, no de-centralized shadow IT, etc..

7. Better safeguard against BYOD: It may be the buzzword of the moment, but it is a trend that will continue to proliferate. Employees are increasingly using their own potentially-unsanctioned devices (smart phones, tablets and other mobile devices) to access your network, applications and data. (Read the blog “The Genie, the bottle and BYOD).  Users love the mobility and the immediacy of these devices, but forget these devices are just hand-held computers prone to the same intrusions, attacks, viruses and risks as the computers used in the office. The larger problem is many users don’t see that, so every time they sign on to your network or download an app, it creates a wider and wider vulnerability gap for the enterprise network. However, by implementing unified security (that includes access control and identity management), you can minimize what an employee (or supplier, partner or any other group) can see and what tools they can access. Additionally unified security policies can create an alert every time one of these unsanctioned devices tries to access the enterprise. Based on your protocols and administrative policies, the system can grant access or block for these mobile devices. It is one way in which identity management, access management; log management and SIEM work seamlessly together and prevent unwarranted access or careless usage issues.

6. Security-as-a-service offers continuous tribal knowledge (expertise) without adding headcount. One of the constant impediments to shrinking the vulnerability gap is recruiting and retaining the specific type of talent necessary to maintain an enterprise-level security initiative. But The MSPAlliance reports that the unemployment rate for such professionals is less than 1%--and the salary for these specialists has doubled in the past three years. Security-as-a-service is the “secret” value-add that accompanies a cloud-based deployment.  Having an expert that understands more than what a denial of service/brute force attack looks like can be invaluable; one that knows how to read in between the lines; that understands context and can trigger an alert or dismiss a possible threat as harmless—and to do it without any additional personnel costs to a company is a huge benefit.

We will be continuing this list next week with our entries of 5 through our number one benefit. However, in case you can’t wait, here’s a preview...

5. Control applications and who gets to use them

4. Know what’s happening faster, more completely

3. Real time actionable information

2. One single, centralized management component

1. More protection, less cost

More Stories By Kevin Nikkhoo

With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.

Kevin holds a Bachelor of Science in Computer Engineering from McGill University, Master of Computer Engineering at California State University, Los Angeles, and an MBA from the University of Southern California with emphasis in entrepreneurial studies.

@ThingsExpo Stories

ARMONK, N.Y., Nov. 20, 2014 /PRNewswire/ --  IBM (NYSE: IBM) today announced that it is bringing a greater level of control, security and flexibility to cloud-based application development and delivery with a single-tenant version of Bluemix, IBM's platform-as-a-service. The new platform enables developers to build ap...

Focused on this fast-growing market’s needs, Vitesse Semiconductor Corporation (Nasdaq: VTSS), a leading provider of IC solutions to advance "Ethernet Everywhere" in Carrier, Enterprise and Internet of Things (IoT) networks, introduced its IStaX™ software (VSC6815SDK), a robust protocol stack to simplify deployment and management of Industrial-IoT network applications such as Industrial Ethernet switching, surveillance, video distribution, LCD signage, intelligent sensors, and metering equipment. Leveraging technologies proven in the Carrier and Enterprise markets, IStaX is designed to work ac...
"There is a natural synchronization between the business models, the IoT is there to support ,” explained Brendan O'Brien, Co-founder and Chief Architect of Aria Systems, in this SYS-CON.tv interview at the 15th International Cloud Expo®, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
C-Labs LLC, a leading provider of remote and mobile access for the Internet of Things (IoT), announced the appointment of John Traynor to the position of chief operating officer. Previously a strategic advisor to the firm, Mr. Traynor will now oversee sales, marketing, finance, and operations. Mr. Traynor is based out of the C-Labs office in Redmond, Washington. He reports to Chris Muench, Chief Executive Officer. Mr. Traynor brings valuable business leadership and technology industry expertise to C-Labs. With over 30 years' experience in the high-tech sector, John Traynor has held numerous...
Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergence of Big Data a...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, phone and digital TV services to consumers primarily in rural areas.
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada. Our partner network encompasses some 300 of the world's leading systems integrators and security s...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
Smart devices that use wireless technology to exchange information with each other and with their human owners: this is the Internet of Things (IoT). This incredible level of connectivity is already transforming how we exercise, treat diseases, park our cars and access business documents. Research firm IDC projects that the IoT world of connected devices will grow to 200 billion objects by 2020. As more businesses, entrepreneurs and government entities embrace the IoT, more data will be generated daily than the already mind-boggling 2.5 quintillion bytes of data per day. However, even curren...
The Industrial Revolution in the 18th to 19th centuries was a period during which predominantly rural societies in Europe and America became industrial and urban. Advances in steam technology, transportation, mass production and the telegraph collectively transformed industry and society. Today, the Internet of Things (IoT) has the potential to once again transform industry and society just as the Industrial Revolution did. Analyst firm IDC forecasts that the IoT market will grow to $8.9 trillion by 2020 with anywhere between 30 to 50 billion connected autonomous things, making the potential g...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world. The next @ThingsExpo will take place November 4-6, 2014, at the Santa Clara Convention Center, in Santa Clara, California. Since its launch in 2008, Cloud Expo TV commercials have been aired and CNBC, Fox News Network, and Bloomberg TV. Please enjoy our 2014 commercial.
From a software development perspective IoT is about programming "things," about connecting them with each other or integrating them with existing applications. In his session at @ThingsExpo, Yakov Fain, co-founder of Farata Systems and SuranceBay, will show you how small IoT-enabled devices from multiple manufacturers can be integrated into the workflow of an enterprise application. This is a practical demo of building a framework and components in HTML/Java/Mobile technologies to serve as a platform that can integrate new devices as they become available on the market.
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
Located in booth #314, the Bsquare team will present DataV demos and discuss how DataV will help customers put their data to work to improve business outcomes. DataV is unlocking new initiatives across a wide landscape of customers in industries such as industrial manufacturing, transportation, retail and mobile. The solution is designed to complement a new project start or help to enrich an existing machine investment.
The Physical Web incorporates beacons that can be put in any small retail store, for example, so that every store now has "an app" for its customers. In this Birds-of-a-Feather session at Internet of @ThingsExpo, Scott Jenson, Product Designer at Google, will discuss the Physical Web and how it is an open standard so any device can broadcast a URL wirelessly, so any phone/tablet/watch nearby can see, and rank those devices. When the user taps on one, they just go to that web page. It's really that simple. It's about thinking small, enabling micro-information (what is in my prescription bottle...
BSQUARE is a global leader of embedded software solutions. We enable smart connected systems at the device level and beyond that millions use every day and provide actionable data solutions for the growing Internet of Things (IoT) market. We empower our world-class customers with our products, services and solutions to achieve innovation and success. For more information, visit www.bsquare.com.
Whether you're a startup or a 100 year old enterprise, the Internet of Things offers a variety of new capabilities for your business. IoT style solutions can help you get closer your customers, launch new product lines and take over an industry. Some companies are dipping their toes in, but many have already taken the plunge, all while dramatic new capabilities continue to emerge. In his session at Internet of @ThingsExpo, Reid Carlberg, Senior Director, Developer Evangelism at salesforce.com, to discuss real-world use cases, patterns and opportunities you can harness today.