In the last 10 years security was one of the biggest inhibitors of digital transformation. There have been many cases with wide media coverage of security breaches, information leaks, data hijacking, and denial of service (DDoS) attacks.
Nowadays we are faced with a situation of cat and mouse. Hackers or people with some malicious interest are always innovating with regard to their approaches and methodologies, while the security industry has always tried to follow this evolution and offers the market its counter measures, usually reactively.
The next big security challenge will be the Internet of Things (IoT). With an estimated 50 billion "things" connected to the Internet by 2020, security becomes central to the success and evolution of this new digital age where everyone and everything will be connected 24 hours a day.
With this future, how can companies and providers prepare their services, network and data to always be available and protected?
This approach is proving to be the best strategy for companies and providers to keep pace with the evolution of threats and attacks.
In the traditional appliance model, for a company to be protected against external intruders, it was necessary to purchase a dedicated physical firewall, and if it needed protection against denial of service attacks (DDoS) and would have to buy a dedicated appliance. These appliances were invariably oversized, with representative power consumption, physical space in the Data Centers, and limited performance and longevity.
By analogy, the appliance model can be compared to acquiring a car. Usually cars have 5 seats and "theoretically" capacity of 24 hours of use per day, with a usage life of X years. However, we know that in most of the working hours, the car it is parked, when in use rarely are all the 5 seats used, then sold off before the end of usage life. In a simplistic way, it makes the approach of the private car a locomotion solution of very little effect and expensive.
Security as a Service approach comes to optimize this equation, in addition to minimizing CAPEX costs, it will also reduce OPEX (operational costs). Following with our analogy, it would be like using Uber Pool, where the car is available and circulating through the city, with 1 or more passengers at the same time, adjusting its route for the best cost benefit.
In the IT world, companies can hire security solutions as a service from their traditional providers through virtualized solutions or in the more flexible and dynamic Cloud model.
By hiring a Cloud security solution, the company in question can use these services according to their present demands, scale it gradually as required by customers or environment, without having to make an oversized investment, spending with only dedicated equipment energy consumption, without the need of using additional data center space and the risk of the appliances becoming obsolete.
Following this line of reasoning, we can conclude that to follow the evolution of threats and attacks in our network and customer’s network, the approach with more adherence is that of Security as a Service. This approach is more flexible, more dynamic, more cost-effective and more up-to-date with the evolution of threats.