Cloud expert questions cloud security integration

In his latest security blog, Dave Asprey refers to Gartner's recent report - entitled `Hype Cycle for Cloud Computing: Does Cloud Security Belong?' - and notes the report's conclusion that most companies have cloud strategies, but few have cloud-centric strategies.

"That's one of the reasons I joined Trend nearly a year ago - the fact that our Smart Protection Network is a cloud that handles billions of transactions a day makes much of what we do cloud-centric, and our very focused virtualisation and cloud encryption products are 100% bets on the cloud and virtualisation", he says.

Asprey adds that, like everyone else, Gartner is hearing confusion over hybrid clouds, because the bottom line is that a huge number of private clouds are connected to the public cloud, and vice versa.

Gartner, he goes on to say, is right about there being confusion over PaaS too, saying that the technology is misunderstood.

That's true, says Trend Micro's VP of cloud security, "but when I talk with my buddies at Appigy, it sounds like they're on fire, with no shortage of demand for API metrics and billing for clouds.

Even so, he adds, PaaS (Platform-as-a-Service) is fuzzy in most IT people's minds.

It was, says Asprey, refreshing to read Gartner's opinion that SaaS (Software-as-a-Service) is cheaper for the first two years, but gets more expensive over time than in-house software.

"This is why SaaS is great for start-ups, but larger companies may opt to stay with in-house (or remotely managed in-house, or IaaS-resident software) vs using SaaS", he says.

"Keep in mind though, that every single observation here requires security to be functioning or it simply isn't viable", he adds.

Asprey concludes that this is why he thinks that cloud security doesn't fit on the chart the same way some of these other technologies do.

"Cloud-based security does fit, but security for the cloud does not. It's a critical distinction that deserves consideration."

What’s Hot on Infosecurity Magazine?