Security as a Service – greater flexibility better security

Solution Centre - Solutions That Mean Business

As the users, applications and data move outside the corporate firewalls, security can get pretty complicated pretty quickly.

Even within the firewalls a typical data perimeter might have a huge stack of appliances.

typical security appliance stack

Conventional Security Appliances

Typical security stack:

  • Next Generation Edge Firewall
  • Load Balancers
  • Aggregation Firewall
  • Web Filter
  • Zero Day and Advanced Threat Detection
  • DDoS Protection
  • Data Leakage Prevention
  • Log File Capture and Analysis

typical data centre

Security Appliance Overhead

All of which will need to be:

  • Duplicated for resilience
  • Patched
  • Bought on CAPEX Capital cost
  • Put on a replacement cycle CAPEX
  • Powered
  • Cooled
  • Integrated
  • Diagnosed on occasions
  • Occupy space

security appliance - inflexible brick

Security Appliance Nightmare

The outcome will be:

  • Human resources being tied up doing nothing which will improve the functionality of the organisation
  • Lack of flexibility in deployment as incremental load increases mandate a whole new appliance with the consequential lead time, CAPEX spend and man hours to deploy, commission and configure.
  • Problem with remote offices, do you deploy kit or backhaul everything for single breakout
  • Problem for mobile users, do you make them VPN in to get to the internet, trashing their user experience, or do you let them run wild and not worry when they bring the devices back into the office?

The Security as a Service Alternative

Security as a Service

The alternative is security as a service. With security as a service you have the flexibility to scale or turn it on and off as you need it. It can be everywhere, as it can run on premise or in the cloud, so whether users are behind the corporate firewall in head office, or at home, or on a mobile in a coffee shop, they can have the same protection, the same policies and the same logging and analysis performed.

OPEX and Flexibility

With no big CAPEX spend and no deployment increments which are appliance sized, you get huge flexibility with security as a service. You can vary the number of users on demand. If the organisation acquires a new subsidiary or sets up a new office, the security protocols can be in place in minutes.

Leverage a Big Security Team

Most organisations don’t write their own operating systems or build their own hardware these days, as that requires an overhead in terms of skills, head count etc. The firms that do such work have large teams of specialists. With security as a service you can leverage the large teams of security specialists and security skills of service provider. This means that in house teams can either shrink or be usefully reassigned to tasks which actively improve productivity or functionality of the organisation, rather than maintenance tasks.

Improved User Experience

Security as a service should aim to be frictionless for users. If you put impediments in users’ way they try and work round them, they are not usually averse to security, just hassle. Making the experience transparent to users and allowing direct access to cloud services can give an enhanced user experience.

Better Security

A well designed security as a service implementation can be more secure than conventional approaches. For example, it can make provisioning and de-provisioning automatic, eliminating transcription errors and forgetting to turn off that service the user has access to when they leave. It can also mean that users don’t know or need to know their login credentials for myriad services, meaning they can only access the service by the approved means and they can’t bypass security by logging in directly.