Meeting the Security Needs of SMEs in the Cloud

Fear, Uncertainty and Doubt, better known as FUD, has been used by IT security vendors to scare customers into buying their products for years.

Today, this continues to be an effective tactic, but it can leave small to medium-sized businesses with a worrying problem. While most have the same data confidentiality and compliance issues as big enterprises, they often lack the security budgets and trained personnel to mitigate the risks.

This is compounded by evidence that criminals are turning their attention to these smaller companies. According to PwC’s 2015 global State of Information Security Survey, 62% of data breaches that year were at the SMB level.

Criminals increasingly don’t care who they’re attacking, as they have viruses or ransomware to attack thousands or millions at the same time. Some experts believe SMEs are serving as a test lab for techniques to use on bigger targets.

The rise of the UTM

The traditional approach to IT security is to employ individual solutions to monitor and control each threat vector individually. The idea is to get the best product for each security task. However, each product requires time and training to set up, maintain and operate, plus additional time for any integration and coordination between the products.

So, to address the needs of the SME during the first wave of security solutions, the UTM, or Unified Threat Management appliance, became popular. This all-in-one solution replaced multiple point products and provided firewall, content filtering, malware scanning and more, all in a single, easy-to-install appliance. The message to SMEs was one of simplicity: one box, one vendor, hardware and software from the same place. It made sense and SMEs embraced the concept in large numbers.

But soon, customers started to become disenchanted when their UTMs started slowing down their networks as more security services were added. Furthermore, some aggressive hardware refresh cycles meant companies had to upgrade and replace more often than they had originally planned.

Enter the Cloud

In recent years, early hype around the cloud has materialised into growing adoption as companies realised the benefit of IT services delivered online and supported remotely.

Despite some early reservations, the ‘as-a-Service’ model has been embraced by the IT security industry. Cloud-based Security as a Service (SaaS) offerings started with email, as it is simple to forward mail to a centralised service to be examined and have spam and malware removed. Gradually, other services became available in the cloud, with vendors offering web filtering, for example.

While these have remained separate services, the flexible computing power, global coverage and cost savings associated with the cloud deliver value to the end-user. A key benefit of moving to the cloud is that it can be realised by businesses of all sizes. It is particularly appropriate for smaller businesses, where centralising security services in an integrated cloud platform provides better security in an easier-to-use form factor that requires less support.

Cloud v on-premise

Moving from an on-premise approach to the cloud delivers a number of core generic benefits, including:

No hardware to install: Normally, installing on-premise solutions will involve physical concerns over power and heat, router capacities and a myriad of other issues. Installation involves putting in servers, running cables to and from them, configuration and changing protocols, often creating days of work and reams of paperwork, all of which go away in the cloud.

Common policy engine: The implementation of a security policy across different vectors is far easier in a cloud architecture and more effective than using information management products to gather and make sense of security point products from different vendors.

Security personnel empowerment: A well-designed complete security platform will give increased visibility to the threat landscape and make it easier to install and maintain an effective security posture.

Coordinated real-time response to unknown malware: Each time new malicious activity is detected, the responsible code is quarantined and analysed using sandboxing, signature analysis and other techniques to quickly categorise and neutralise the suspect code. On-premise solutions cannot execute these updates with anywhere near this urgency, leaving an inherent gap in security for on-premise systems.

Global Reach: Each new piece of malware has an origin location and spreads from there. A global cloud network serving customers around the world, when supported by a global data centre network, will be far more effective in identifying new malware and rapidly providing a means to recognise and block that attack. These updates happen in very close to real time and protection is available instantly around the globe.

Unified Threat Intelligence: Since all traffic is visible to a cloud security platform, analysis and correlation of data elements in real time are not only possible, but an integral part of the cloud’s promise, brought to life in a security environment.

The fact is that SMEs face greater threats than ever before, combined with modest security budgets and a shortage of well-trained personnel. And while many smaller organisations don’t have the same level of critical needs for information protection, malware infections can slow networks and bring down email servers or individual workstations.

While the migration from on-premise, best of breed and UTM approaches won’t happen overnight, the case for the cloud appears compelling and will play an increasing role in helping SMEs mitigate their risks and address their fear, uncertainty and doubt.
