Do cloud providers offer security 'as a service'?

Opinion by Dan Raywood

Back in September we considered whether cloud providers could consider using security as a type of sales tool to lure customers in.

Back in September we considered whether cloud providers could consider using security as a type of sales tool to lure customers in.

In the article, Rob Rachwald, director of security strategy at Imperva, told SC Magazine that users need to agree upfront on compliance and security policies, but predicted that cloud providers will start to set themselves apart with security to show how secure they are and how they use secure tools.

Taking this concept to the cloud providers, Lew Moorman, chief strategy officer at Rackspace Hosting, said that it was not a selling point of its direct offering. He said: “If you do not have security products and policies in place you will not compete. You will be exposed if it is not running well. Many think that they have better security in-house, but this is not in-house. It is like the difference between driving a car and flying a plane, having control makes you comfortable.

“We compete on a one dimensional service. When bringing stuff in, we can offer a higher end service so if you get stuck in the middle of the night we can solve it. Companies offer managed hosting and security leads to a complete business, that is what we are the best in the world at. There are plenty of customers who want the cheapest and probably will make a choice on that but it is not a perfect fit, as every customer has different requirements.”

Dom Monkhouse, managing director of Peer 1 Hosting, said that among its offering was a distributed denial-of-service (DDoS) protection insurance, so if a website is hit by a DDoS it will move the traffic elsewhere and allow real traffic to a site and keep a company in business.

He said: “Users want an offering that is enterprise class, in as much as you might have a company with ten guys and the process is all online, another may be ten times that size but with not so much online.

“Mostly people are looking for a quality service, our aim is to build a business where our customers wish that was where they were.”

Owen Cole, technical director at F5 for UK, Ireland and Sub-Saharan Africa, told SC Magazine that companies looking to outsource need to understand how applications work as with application delivery control, you can understand what is going on and what technologies are used.

He said: “Look at the security implications, it is easy to be scared of compliance and of the fear of losing control. There are times when the application needs to burst but with the correct level of control and with identity and access management you can look at the user and integrate the environment with the IT systems. It gives you the ability to stretch out and lower the capital expenditure.”

In many of the conversations I have had about outsourcing, it seems that security is still the prevalent factor and main concern. Ensuring that your provider meets with your needs is the key factor, after all it is not like there is only one cloud provider is it?


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events