The Path to Security as a Service (SaaS)

Gerhard Eschelbeck, CTO & SVP Engineering, Webroot

The Best Security in an Unsecured World.TM

Agenda

• The Evolution of Application Delivery

• SaaS and Security Applications

• Ten Questions to Ask Your SaaS Provider

• Inside View from a Provider’s Perspective

Rewiring the World

“A hundred years ago, companies stopped generating their own power with steam engines and dynamos and plugged into the newly built electric grid. ... Today, a similar revolution is under way. ... This time, it’s computing that’s turning into a utility.”

Nicholas Carr - http://www.nicholasgcarr.com

The Evolution of Application Delivery

• Traditional On Premise Installed Application
  - On premise hardware, server, network, database, backup provisioning at customer
  - Ongoing maintenance and management performed by customer
  - Customer is responsible for providing logical and physical security
  - Typically lengthy rollout/update cycles

• Managed Service Application
  - Applications installed, managed and maintained by a third party
  - High involvement of human resources for application management
  - Installation on customer premise or also centralised model
  - Most applicable for highly specialised applications
  - Typically single tenant (dedicated systems) off-the-shelf applications

• Software as a Service (SaaS)
  - Typically no (or very limited) on-premise hw, server, database, backup
  - SaaS vendor provides all maintenance, management, infrastructure
  - Application usage via browser
  - Economy of scale due to full automation from the provider
  - Fast rollout and innovation/update cycles
  - Multi tenant architecture (multiple customers share some or all layers of the stack)

SaaS Deployment Models

• Pure SaaS application
  - Web browser is single interface point with customer
  - All intelligence is centralised at SaaS provider
  - Limited integration between customer and SaaS provider
  - Examples: CRM, Email filtering, Payroll, Customer support applications

• SaaS with customer side software agent
  - Web browser is interface point with customer
  - Additional small client-side software agent (permanent or transient)
  - Enables stronger integration of customer systems and SaaS service
  - Examples: Application sharing, Web-filtering, Online-Backup

• SaaS with customer side appliance
  - Web browser is interface point with customer
  - Additional hardware appliances (remotely managed) on customer premise
  - Enables deep integration of customer systems with SaaS providers
  - Examples: Intrusion Detection, Security Management, Vulnerability Assessment

SaaS Deployment Architecture

[Diagram: multiple customers and the layers labelled Global Load Balancing and Security; Presentation/Web Layer; API Interfaces; Application Logic / Data Segregation; High Speed Data Processing Engines; Persistent & Redundant Storage Layer]

Why Security SaaS makes Sense

• Subscription model (pay as you go, per user, per time)

• Reduced risk (performance, uptime, reliability, scalability)

• Lower rollout cost

• No additional IT overhead

• Improved security

• Rapid deployment and implementation

• Compliance requirements (audit trails, archiving, logging)

• Allows a focus on core business

Delivering Security Applications via the SaaS Model

Web Security and Content Filtering

• Challenge: The changing threat landscape - Massive explosion of malware variants is challenging existing signature based desktop and gateway solutions

• Multi-engine approach is required - Unlimited processing power in the cloud

• Global and aggregate threat view allows better decision making

• Moving protection layer closer to the source of the malware

• Analyse inbound and outbound HTTP content in the cloud

• Transparently filter and remove malware and categorise/block unwanted websites

Email Filtering, Archiving and Management

• Challenge: Sharp increase in spam and email-borne malware (high network bandwidth utilisation)

• Multi-level engine approach required to catch spam, zero-day exploits, virus, Spyware

• Moving protection layer closer to the source of spam/malware

• Transparently analyse inbound and outbound emails for content, spam and malware as well as content leaks

• Email archiving to satisfy compliance requirements

Vulnerability and Compliance Management

• Challenge: Requirement for third party security assessment and compliance management

• Discovery, assessment, and prioritization

• Internal and external view

• Validation against security policies

• Remediation tracking

Ten Questions To Ask Your SaaS Provider

• Existing customers and deployment size

• Service renewal rates

• Financial strength

• Availability of integration capabilities

• Ability to customise the SaaS application

• Global datacenter footprint

• Availability of training

• Quality and presence of customer support

• Frequency of major and minor updates

• Service level commitments and actual performance

Service Levels

• Service availability and reliability

• Latency and performance

• Effectiveness

• Accuracy

• Security

SLAs should be objectively defined and regularly measured and reported by the provider

SLAs should be enforced through clear consequences

Security Considerations

• Data storage model and architecture (encryption)

• User account management (provisioning, roles, permissions)

• Identity management (single-sign-on)

• Security process and certifications (SAS 70, ISO)

• Backup, recovery, physical hosting facilities

• Business continuity

The Inside View from a SaaS Provider

• Known platform provides better application quality

• Global deployment and distribution

• Simple application/revision management

• Load management and scale driven by business growth

• Instant update for all customers

• Ability to scale quickly - unlimited scalability

• Integrate and deliver best-of-breed technologies

• Strong customer commitment and support is critical

Summary

• SaaS empowers the user/customer

• SaaS delivers a high level of customer commitment and service, as switching is relatively easy

• Deploy and leverage applications that are truly SaaS ready

Thank You

Q&A
