Cloud adoption is bringing about a revolution in security innovation. Only a few short years ago security professionals were terrified to even utter the word “cloud”, but today as organizations see the benefit of moving towards the cloud it’s adoption has forced innovations that weren’t around just a few short years ago. If the cloud was to ever be taken seriously cloud service providers knew security had to be wrapped in from the start. By taking this approach leading cloud providers have driven security into their infrastructure and have arguably created environments that are not only as secure as where a business’s data was previously, but potentially even better. In many cases it’s up to the organization to create and manage the configuration in a secure manner. With this being said, CSP’s and security vendors have taken advantage of security in the cloud and are pushing it to their advantage and securing their clients in the meantime.
Cloud Service Providers Benefit from Security
It’s not a secret that AWS and Azure have been making giant strides in security. This has been done by either partnering with third party vendors to integrate their solution into their infrastructure, or with home grown features allowing clients the ability to have the needed architecture to implement a secure network. The security risks of the cloud were made known right away and without the CSP’s foreseeing this blocker as early as they did the cloud adoption wouldn’t be as prevalent as it is today. Not only did they secure their infrastructure to a point where it would pass regulatory audits, but added additional features within their cloud ecosystem that allowed security to come to the masses (E.G Logging, WAF, firewalls, security assessments, etc) that are built into their offerings. In the past other companies might have shied away from these options with on premise equipment, but having these services available has helped spread the awareness and implementation of security to the masses. The major CSP’s have to be given credit on the way they’ve banked on security and turned their offerings not only more secure, but more successful.
Security Vendors Adoption and SecSaas
With the cloud providers shoring up their infrastructure it was only a matter of time before the security vendors started to dabble in the cloud. Today there numerous cloud options available to security your enterprise and the security industry has made a large push to make sure that they’re products are all functional in a cloud based architecture. The security industry has been given a green light to proceed developing their products to be cloud friendly. If they didn’t they’d be left behind by competitors that are taking advantage of all the benefits the cloud has to offer. Just like the CSP’s pushed security into their offering early on, the security vendors are now pushing cloud into theirs.
Security vendors are using the cloud now to produce innovate products that are changing the way businesses work. The flexibility of the cloud and the capability to communicate remotely is allowing vendors to perform additional analysis, monitor more efficiently and remove management systems that once lived on premise at a client’s site. This is also allowing protection of endpoints to be up consistently up to date no matter where that endpoint happens to be. These vendors are also able to setup SOC like monitoring since all data lives on their site and assist the clients with 24x7 monitoring. No longer does an endpoint leaving the boundaries of your enterprise also leave security behind with it. These vendors are able to have their hybrid solutions produce the same level of security and monitoring without being tied to a geographic location.
Also, this has produced a huge increase in SecSaaS or security as a service. These services allow customers to have the flexibility of security services in the cloud and outsource the infrastructure to a third party. This industry has been growing and will continue to be a large part of the security in the cloud. A few examples of these services would be: MFA, IdP, SIEM, spam/phishing, DLP, MDM and the list goes on. These providers are taking particular security services that would normally be done on premise and outsourcing them to the cloud. The innovation here allows quick turn around on implementation, mergers and acquisitions to be unified, adoption of technology that might not have the in-house resources to manage, etc.
Many security companies today will start in the cloud and by having the ability to launch something in startup mode allows for innovators to test their ideas without having to be strapped for capital. This allows the burden of finances to be lifted and for new technology to be developed without the fear of financial loss. The cloud is enabling new ideas that are able to be tested quickly and efficiently and with that the industry will continue to grow and ideas that might have been stifled in the past will flourish and have the ability to be used by the masses.