Security technologies delivered via the SaaS (software-as-a-service) business model may still be in their nascent stage, but some early adopters are already piecing together multiple offerings to outsource a significant portion of their IT systems defense infrastructure. One such company is Imperial Chemical Industries, the massive London-based maker of paints and chemicals that is in the process of being acquired by industrial conglomerate Akzo Nobel to the tune of $16 billion. With worldwide business operations and an annual research and development budget approaching $60 million, the chemicals giant is spending more effort than ever before in securing its assets and data, company officials said. However, utilizing a handful of SaaS applications — including vulnerability scanning tools offered by Qualys, e-mail and anti-spam filtering from MessageLabs, and Web filtering provided by ScanSafe — IT executives at ICI claim they are maximizing personnel and budget in a manner that traditional on-premise security products wouldn’t allow. With five years of security SaaS experience under its belt, ICI is beginning to see the long-term promise of the services offerings, according to the executive.But the company is also cognizant that despite the benefits of moving to SaaS services, some elements of its network and data security must always remain on-site.<\/p>\n","protected":false},"excerpt":{"rendered":"
“Over time we’ll likely see a mix with SaaS being used more heavily where it can offer benefits of cost and management, just as with general outsourcing.”<\/p>\n
Having used Qualys’ vulnerability scanning services for over five years, ICI is at the cusp of large enterprises that have begun replacing some in-house security tools with subscription-based services. The company is currently considering use of hosted applications binary code scanning tools offered by Veracode, a relatively new start-up, under the idea that it can begin integrating multiple SaaS technologies to offload larger parcels of its security infrastructure to outside specialists, Simmonds said. “The combination of outsourced vulnerability and binary code analysis through combining Qualys and Veracode is the type of thing that could be very significant as it’s the kind of work that can truly benefit from being done once, centrally, in terms of running samples through tests. Emerging security tools like NAC systems and endpoint-oriented products, including data leakage prevention software, are among the types of technologies the ICI security chief said wouldn’t ever likely be provided via SaaS.<\/p>\n
In the meantime Simmonds said that the chemicals behemoth will continue to seek out new SaaS security alternatives as they come to market. Philippe Courtot, chief executive of Qualys, is recognized as one of the chief evangelists of security SaaS in general, just as Salesforce.com CEO Marc Benioff has become associated with pushing the hosted applications model into the enterprise software space. <\/p>\n
However, with 37 Fortune 100 companies among its enterprise customers and a groundswell of interest from smaller firms driving what he labeled as rapid growth at the privately-held firm, Courtot claims that security SaaS is moving quickly from an emerging phenomenon into a widely-accepted business model. “I don’t think that the time is here for certain enterprises, and some may never embrace SaaS, and for securing and scanning the endpoint, we’ll always likely see tools at the endpoint,” he said.<\/p>\n
http:\/\/www.infoworld.com\/article\/07\/08\/22\/Security-SaaS-maturing-fast_1.html<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2188","post","type-post","status-publish","format-standard","hentry","category-trends"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2188","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2188"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2188\/revisions"}],"predecessor-version":[{"id":4675,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2188\/revisions\/4675"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}