The Essentials Series: Using Cloud Services to Improve Web Security

by Mike Danseglio


Companies entrust their security systems with a great deal of responsibility. Such systems must protect corporate assets from an unending proliferation of online attack, abide by regulatory compliance standards, monitor all legal exposure to stockholders and employees alike, and keep intellectual property from leaking through Facebook, Twitter, and other social media outlets. In The Essentials Series: Using Cloud Services to Improve Web Security, author and IT expert Mike Danseglio explains many of these new threats and security requirements, and explores how Web security delivered through cloud services can address them. In addition to discussing the many concerns and questions over cloud-based security, Danseglio offers a number of cloud-based approaches, including protection strategies for mobile workers and portable devices. This series closes with a discussion of how Web security delivered through cloud services differs from large, on-site security infrastructures, and how this new setup can deliver cost-efficient and seamless protection against the dynamic attack landscape.


Article 1: Web Security Services: Delegating Security Responsibility to the Cloud

Over the past decade, a worldwide industry of IT penetration has come into existence. As a result, attackers who used to only care about high-profile or high-profit targets are now setting their sights on smaller companies to make money. Your assets are not immune. To boot, existing on-site security infrastructure may not be sufficient in protecting against the dynamic changing attack landscape. Nor may it be the most cost-efficient or seamless security method. But is delegating security responsibility to the cloud really the right move? Though only a fantasy just a few years ago, cloud security approaches are now recognized as a highly-effective defense mechanism. But how do they work and can you trust them to take care of your security needs? This article answers those questions and much more!

Article 2: Using Web Security Services to Protect Portable Devices

Roaming employees are more prevalent than their fixed-location counterparts. With laptops, netbooks, and a host of devices in between, virtually every user has some level of corporate portability. Just walking to work in the morning, the typical urban IT employee is exposed to countless technology attacks against their information assets and devices, most of which are transparent (even when successful). Does your company protect its assets and enforce mandatory security and appropriate-use policies in these scenarios? Should this even be a concern? This article explores the ways you can employ effective cloud-based security solutions to stop remote and roaming users from breaking policies (and often the law).

Article 3: Can You Trust a Cloud-based Security Solution?

The variety of cloud-based solutions can be daunting. Every solution is different but similar. And trusting your company's security and compliance requirements to the cloud is an additional layer of abstraction. Therefore, you need to understand whether this kind of solution is worth the change from or extension beyond your existing security solution. This article helps demystify the difference between traditional on-premise approaches and the newer cloud-based security solutions. Once you understand the benefits, you can decide which features you truly need and which are simply nice-to-have. You will also have a clear understanding of whether the cloud offers the right security features for your company.