Why You Need to Consider Cloud-Based Security in 2012

sponsored by Osterman Research, Inc.

P.O. Box 1058 • Black Diamond, Washington • 98010-1058 • USA Tel: +1 253 630 5839 • Fax: +1 253 458 0934 • [email protected]

www.ostermanresearch.com • twitter.com/mosterman

An Osterman Research White Paper

Published January 2012

SPONSORED BY

!!!

!!!

sponsored by

Why You Need to Consider

Cloud-Based Security in 2012 SPON

WH

ITE

PA

PER

SP

ON

Why You Need to Consider Cloud-Based Security in 2012

©2012 Osterman Research, Inc. 1

Executive Summary Protecting endpoints from various threats is perhaps the single most critical function for any IT department. Given the still voluminous quantity of spam that hits corporate email servers, the growing threat from malware and advanced persistent threats, and the increasing number of physical platforms and Web-based applications that have access to corporate data resources, protecting critical these resources and platforms should be at the top of virtually IT decision-maker’s “must-do” list. However, the sheer volume of these threats and their sophistication in using social engineering and other methods to penetrate corporate defenses, coupled with an increasingly dispersed workforce, mean that on-premise security solutions alone will not provide adequate protection in most cases. Consequently, many organizations have opted for cloud-based security solutions, either as complete replacements for their existing on-premise solutions or – more commonly – as supplements to it. KEY TAKEAWAYS There are four key takeaways presented in this white paper: • The number, sophistication and consequences of email, Web and other threats is increasing

and will require more advanced, faster and more efficient ways of dealing with them.

• Security is a priority that has not been lost on IT and business decision makers. Most continue to view security as a top-of-mind issue, resulting in security spending and analysis of new security models as a leading priority in most organizations.

• The use of cloud-based security capabilities is increasing at a faster pace than use of on-

premise security servers and appliances. While we do not believe that on-premise solutions are by any means going away, their use is being displaced and/or supplemented by cloud services.

• Cloud-based services are generally seen as a complement to existing on-premises email

security and Web security solutions, rather than an outright replacement, particularly in larger organizations. To an extent this is because some organizations are taking a cautious approach to cloud-based services for email and Web security and will run these in addition to in-house systems. For others – and we believe a growing proportion – the goal is to create a layered security model that performs pre-filtering in the cloud and uses on-premise solutions for the “heavy lifting” tasks associated with data loss prevention (DLP) and other CPU-intensive tasks.

ABOUT THIS WHITE PAPER This white paper discusses key security issues focused on email, Web and other communication and collaboration systems. It also provides information on the sponsors of this white paper – AppRiver, Proofpoint and SpamTitan – and their relevant offerings. Information on each vendor is provided at the end of this document.



The Growing Challenges of Email and Web Security THREATS ARE GROWING IN SOPHISTICATION AND SEVERITY During the past several years, we have observed growing numbers of organizations reporting security violations experienced through the Web and email – albeit with a slight drop in 2011 – as shown in the following figure from an Osterman Research study published in late 2011i. Proportion of Organizations Reporting a Successful Security Violation by Mode 2007 through 2011

The data in the figure above suggest that security violations – namely malware, phishing and related types of attacks – are growing steadily over time. The drop in these issues in our 2011 research suggests that defenses against these incursions are becoming somewhat more successful as they become more widely deployed and as organizations are deploying cloud-based defenses as a supplement to traditional on-premise systems. That said, the proportion of organizations reporting security violations is at a very high level and is creating an enormous number of risks for organizations of all sizes and across all industries. SECURITY IS MORE DIFFICULT BECAUSE THERE ARE MORE INGRESS POINTS Complicating the problem of security, and at least partially explaining the growth of malware incursions over the past several years, are two fundamental problems that virtually all organizations need to manage:



• As discussed later in this white paper, spammers, malware authors and other criminals are becoming more adept at their craft, they are better financed than in years past, and thus they are better able to penetrate corporate security defenses.

• As companies provide users with more mobile platforms, as shown in the following figure,

and as employees “consumerize” IT by using their personal devices alongside those supplied by their employer, as shown in the next figure, the number of ingress points for malware continues to increase.

Please note that the data in these figures totals to more than 100% because many employees use multiple devices. Penetration of Company-Supplied Mobile Devices 2009 through 2012



Penetration of Company-Supplied and Personal Mobile Devices 2011 and 2013

SPAM IS STILL A SERIOUS ISSUE The good news about spam is that volumes of this unwanted content were substantially lower in 2011 than in 2010 due to the takedown of various botnets. The bad news is that spam continues to represent roughly 75% of all email traversing the Internet. Spam, while not “dangerous” from a security perspective per se, wastes bandwidth, storage, and employee time, not to mention the cost of deploying systems to deal with identifying and eradicating spam from corporate networks. Spam wastes IT’s time, users’ time and drives up the overall cost of email and other IT-managed systems. MALWARE IS BECOMING A MORE SERIOUS THREAT Much more sinister than the spam problem is malicious email – messages, such as phishing or spearphishing attempts, that are sent with the specific intent of carrying a damaging payload or directing a victim to a malware site so that information or funds can be stolen. The growing number of keystroke loggers, password-stealing Trojans and other types of malware means that corporate data and finances are increasingly at risk. Data theft can include sensitive content like usernames and passwords, but it can also include login data for banking systems, customer data, trade secrets and other types of confidential information. The increasing end goals of stealing information (both personal and corporate), hijacking systems for a wide range of purposes and launching additional malicious attacks all have serious business implications, in



addition to the more traditional impacts to storage, bandwidth, infrastructure and other costs. For example, there have been a number of serious malware incursions during the recent past: • A number of children’s game sites have recently been spreading malware. For example, a

Czech security firm found that as of January 10, 2012, the children’s site CuteArcade.com had attempted 12,600 Trojan infections. This is a particularly dangerous threat, since many employees work from home on the “family” computer, potentially leading to infections in corporate networks.

• In December 2011, the Web site of Amnesty International UK was compromised and was

delivering malware to visitors in a “drive-by” attackii.

• Also in December 2011, Microsoft discovered malware that infects users’ PCs with a message supposedly from the national police force of various nationsiii. This particular malware variant is unique in that it is delivered primarily in the local language of the victim, affecting users thus far in Germany, Switzerland, the United Kingdom, Spain and the Netherlands.

• In September 2011, Mitsubishi Heavy Industries experienced a spearphishing attack that

compromised 83 different systems in 10 locations across the companyiv. • In June 2011, the International Monetary Fund (IMF) experienced a spearphishing attack

that may have been perpetrated by a rogue state. Although employees were warned not to open unexpected attachments, to open email from unknown senders or to click on video links, malware in an email successfully penetrated IMF defenses and information was stolen from compromised computersv.

• In April 2011, hackers sent phishing emails to many lower level employees at security firm

RSA. These emails contained the subject line “2011 Recruitment Plan” and included an Excel spreadsheet attachment that contained a zero-day flaw aimed at vulnerability in Adobe Flash. Although the emails were successfully sent to these users’ spam quarantines, the emails were opened and a Trojan was installed that was able to harvest credentials from many employee accounts, compromising RSA’s SecurID tagsvi. As of late 2011, 760 organizations have been attacked using the same command and control, including IBM, Google, Microsoft and about one-fifth of the Fortune 500vii.

• On April 7, 2011, a spearphishing attack sent to the Oak Ridge National Laboratory was able

to steal a few megabytes of data before IT administrators cut off Internet access. The email sent to employees was supposedly from the lab’s HR department and was received by 530 employees, 57 of whom clicked on a malicious link contained in the emailviii.

• In November 2010, a 26-year-old Hungarian citizen, in a strange attempt to be hired by

Marriott International, sent an infected email attachment to several Marriott employees that allowed him to steal sensitive information from the company. Marriott estimates that the cost of analyzing the extent of the compromise of its network cost it somewhere between $400,000 and $1 millionix.



• Also in November 2010, employees at the Ministry of Economics, Finances, and Industry in France received spearphishing emails that contained a Trojan. A minimum of 150 computers were compromised and sensitive G-20-related documents were stolenx.

The threat of malware rarely ends with the initial victim, since the data stolen is often used to generate new attacks. For example, data hijacked in the very well publicized Epsilon breach in 2011 is now being used to target customers of Chase Bank. BREACHES CARRY MORE RISK Threat that come from the Web – such as those that can infect users who are simply surfing the Web or using Web 2.0 applications like Facebook or Twitter – are becoming much more serious as criminals increasingly exploit holes in corporate security defenses, and as users employ more Web-based tools. These threats are becoming so costly that many organizations are at risk of being put out of business through direct financial losses or the loss of data that carries with it very high direct and indirect costs. For example, many organizations have been targeted with keystroke loggers, such as Zeus, that allow criminals to transfer funds out of corporate financial accounts. There have been many cases of this type of theft – many targeted to small and mid-sized organizations that often do not have full-time IT staff – resulting in major financial losses: • Hillary Machinery: $800,000 (its bank was able to recover only $600,000xi) • The Catholic Diocese of Des Moines: $600,000xii • Patco: $588,000xiii • Western Beaver County School District: $700,000xiv • Experi-Metal, Inc.: $560,000xv • Village View Escrow: $465,000xvi • An unidentified construction company in California: $447,000xvii • Choice Escrow: $440,000xviii • The Government of Bullitt County, Kentucky: $415,000xix • The Town of Poughkeepsie, New York: $378,000xx • An unidentified solid waste management company in New York: $150,000xxi • An unidentified law firm in South Carolina: $78,421xxii • Slack Auto Parts: $75,000xxiii As bad as these losses are – particularly in light of the fact that most of these organizations are relatively small and can ill afford to lose amounts this large – the direct loss of funds is not the only consequence of malware. For example, the 2011 Data Breach Investigations Report found that malware was responsible for nearly 80% of lost data in 2010 and was a factor in roughly one-half of the cases in which data was lostxxiv. Compromised data can include a wide variety of valuable content, including trade secrets, financial data, marketing plans, server passwords and other sensitive and confidential information. IMPROVING SECURITY IS A HIGH PRIORITY The good news on the security front is that the seriousness of problems involving security risks have not been lost on IT and other decision makers. For example, Web security, anti-virus, anti-spam, and corporate smartphone security capabilities are all fairly strong priorities for spending, as shown in the following figure.



Priorities for Security-Related Spending % Responding a Priority or High Priority

Why Consider Cloud-Based Security? While on-premises security solutions can provide robust defenses against spam, malware and other security threats, cloud-based security – used either as a standalone solution or in conjunction with on-premise defenses – offers a number of inherent advantages: • Most threats never hit the on-premises network

The use of a cloud service for spam processing, for example, eliminates the majority of content processing, storage and bandwidth associated with spam before it ever reaches the customer’s network, making the on-premise infrastructure more efficient. More critically, the bulk of malware can be eradicated before it ever reaches the corporate network, leaving on-premise solutions – if they are in place – to act as another layer of protection against these threats.

• More efficient use of IT resources

One of the key issues that should be considered by any organization – but one that often is not – is the opportunity cost of IT staff members. Most CIOs and IT managers would agree that finding and retaining highly qualified IT staff is not an easy task. As a result, in-house IT staff should be used so that they can provide maximum efficiency to their employer, while also giving them a satisfying work experience that will motivate them not to move elsewhere.



A cloud security solution – whether used for messaging security, Web security or other capabilities – allows IT staff members to move on from managing security servers and appliances and to work on projects that provide more differential value to the organization and that can result in greater job satisfaction. More broadly, the use of cloud services allows an organization to focus more on its core business rather than devote resources to managing its security infrastructure. Just like the vast majority of organizations do not generate their own electricity or drill their own water wells, organizations should consider security to be a service that should at least partially be in the cloud.

• Reduced total cost of ownership

Many decision makers believe that internally managed security systems are less expensive to deploy, configure and manage than cloud services. While in some cases that perception may be true, very often it is not largely because many decision makers do not factor in the total cost of providing robust security capabilities. Many underestimate the cost of labor to manage their security infrastructure and they do not consider the highly disruptive impact of outages and other unforeseen events. A cloud security capability can be significantly less expensive than its on-premise counterpart when all of the costs of security are included.

• Easier support for mobile and remote users

Given that a growing proportion of the working population is mobile – either because of corporate telework initiatives or employees who travel as part of their work – security for these employees can be difficult to manage using on-premise systems. Cloud security capabilities can provide a high level of protection for these employees, many of whom use Wi-Fi hotspots and other resources that are much less secure than their in-office counterparts.

• Rapid deployment of services

One of the fundamental benefits of a cloud security service is the speed with which services can be deployed. For example, using a cloud service make it easy to add or subtract small numbers of users, or even entire business units, from a particular service, which is particularly advantageous when integrating merged or acquired companies into an IT infrastructure.

• Better prevention of zero-hour threats

Cloud service providers typically update their capabilities on a near real-time basis and often have access to new malware signatures sooner than they are made available for user of on-premise systems. Moreover, many cloud security providers run multiple threat detection systems, making their solutions less likely to allow malicious content through to customer endpoints, particularly when used in conjunction with on-premise security solutions.

• Extending the life of on-premises solutions

Related to the point above is that cloud services allow an organization to extend the useful life of an in-house security solution. For example, if a company has reached the maximum capacity of its email filtering appliances, it could implement a cloud-based spam filtering service that would dramatically reduce the amount of incoming traffic and thereby allow new investments in internal hardware to be postponed or avoided altogether.



• Distribution of security tasks As a corollary to the point above is the inherent advantage of cloud security services to offload the majority of content scanning and filtering from the on-premise infrastructure, leaving on-premise systems free to do the “heavy lifting” of deep content inspection. Because DLP solutions, for example, typically require more CPU horsepower than scanning for spam or known malware, the on-premise infrastructure can be focused more on these CPU-intensive activities.

• Very high reliability and ability to better satisfy SLA commitments Cloud service providers can typically invest more resources into their infrastructure than individual organizations can afford and so provide extremely high levels of reliability. Because most cloud service providers maintain very capable data centers, they can typically offer higher levels of reliability and better Service Level Agreements (SLAs) that would be difficult for internally managed systems to match. This allows customers to focus on providing services that offer greater value to their enterprise with the assurance that functionality will be available virtually 100% of the time. It is also important to consider that cloud providers’ data centers are staffed on a 24x7 basis and that capabilities are monitored around the clock – something that would be cost-prohibitive for smaller companies. This means that problems can be dealt with more rapidly than is feasible in many on-premise deployments.

• Improved disaster recovery and business continuity

Another important advantage of cloud solutions is that they can provide a very useful backup messaging solution in the event of an outage of the primary messaging system. For example, most cloud security providers will spool incoming email for at least several days (much longer in some cases) if it cannot be delivered to a customer’s server. This prevents an email server outage from causing bouncebacks to senders and ensures that incoming email is still being processed.

Considering Different Cloud Deployment Models Cloud services are increasing in popularity and offer a robust option for organizations to implement a variety of threat-protection capabilities. As shown in the following figure, deployment of security in the cloud is rapidly outpacing growth in both on-premise server and appliance-based solutions.



Installed Base of Security Solutions by Delivery Model 2011 and 2012

The primary advantages of the cloud model, as discussed above, are that no investments in infrastructure are required, up-front costs are minimal, ongoing costs are predictable, and all management and upgrades of the system are managed by the cloud provider. A newer approach that is increasingly offered by vendors is to combine on-premise infrastructure with cloud services. For example, a vendor may provide a spam-filtering appliance on-site, but couple this with a cloud spam-filtering service that acts as a sort of pre-filter; or they may rely on a cloud-based anti-malware service and desktop anti-virus tools. Many organizations are deploying their own hybrid solutions, mixing and matching various vendors’ cloud and on-premise offerings into a customized hybrid solution. The fundamental advantage of this layered, hybrid approach is that the on-premise infrastructure is protected from unanticipated events like spikes in spam traffic or overall increases in the volume of malicious traffic over time. This helps to preserve the on-premise investment and maintain stable performance of the IT infrastructure as measured by metrics like email message delivery time or latency in delivering Web pages. Osterman Research believes that in the future cloud-based services will more often be used a complement to existing on-premises email security and Web security solutions, rather than as



an outright replacement. While many small organizations may opt for a cloud-only security model, most mid-sized and large firms will adopt a hybrid approach. A new deployment offering is that of private cloud based security solutions, a combination of cloud and virtualization technologies, delivering immediate private cloud based virtual appliances to the customer. This new and interesting option offers all the benefits of the cloud, but with the additional security of a private cloud.

What Should You Ask a Cloud-Based Security Provider? There are a number of questions that should be asked of any prospective cloud security provider, among which are the following: • What capabilities do you offer and what is on your roadmap?

This is perhaps the most critical single question to ask of a cloud security vendor because of the increasing number of communication and collaboration channels for which security will need to be provided. These include social media, file-sharing capabilities, file-synchronization services, various types of Web 2.0 applications and Web services, etc. A cloud vendor that does not keep pace with the long-term requirements of its market, while a solid choice today, might need to be reconsidered at a later date.

• How integrated are your services?

Giving customers a single pane of glass from which to manage cloud security capabilities – spam quarantines and filters, messaging policies and the like – will make management of these services easier and more efficient.

• What is your financial viability?

It goes almost without saying that any vendor – but particularly one focused on such a critical offering like messaging, Web and collaboration security – must remain solvent and generate the operating funds needed to continually improve their security solutions.

• How secure is your infrastructure?

Just how physically secure is the provider’s infrastructure in the context of physical security like video monitoring of the data center(s) and access to servers, backups and other resources that house customer data? While this is more important for cloud services at which customer data is stored for long periods, like archiving services, it is also an important consideration for security vendors, as well.

• What certifications have you met?

Another important question is the level of certification that cloud providers have met or are planning to meet in the future. Among the certifications that might be considered for review are Statement for Attestation Engagements (SSAE) 16, Statement of Auditing Standards (SAS) 70 Type II, Federal Information Security Management Act of 2002 (FISMA) and International Organization for Standardization (ISO) 27001.



• What architectural capabilities ensure that there is neither delay in message delivery nor any additional, unnecessary risk incurred by storing a copy of the message? This is another important question because it can determine the level of latency introduced by the cloud-screening process. While delays of just a few seconds are unlikely to be noticeable in the vast majority of situations, processing delays of a minute or more might impact message throughput and productivity. Moreover, if a provider must store customers’ content – such as when spooling messages when the primary message system is suffering an outage – how content is stored should be well understood.

• Are you using your technology or another vendor’s?

It is important to understand which vendors’ technologies are used for malware scanning by each prospective cloud provider, since the efficacy of each provider’s services can be significantly impacted by the technologies they employ. Moreover, it is important to understand how these vendors’ solutions will interact with current on-premise systems in a hybrid deployment.

• What provisioning tools are available?

The availability of provisioning tools, such as a Web-based interface for adding users, modifying services, monitoring content, etc., can vary from one provider to another.

• Where is the data stored?

This is another important question, particularly for cloud security providers that spool their customers’ data during outages. For example, non-US companies might opt for a cloud provider with data centers outside of the United States in order to avoid potential access of their content under the PATRIOT Act. Countries in which data protection laws prevent the storage of sensitive or confidential data outside of a particular geography must also be cognizant of exactly where cloud providers store their data.

• Do you operate multiple data centers?

This is an important question because it impacts message latency, as well as the ability of a cloud provider to meet or exceed its SLAs.

• How often are upgrades provided?

One of the fundamental advantages of cloud security is that it can be updated on an almost continual basis. Leading cloud providers will update their malware signatures and other elements of their infrastructure frequently.

• What are the termination conditions?

This is by no means a “show-stopper”, but an important question nonetheless because of its impact on the ability of a customer to migrate to a new cloud security provider easily and rapidly.

• What reporting capabilities are available?

Robust reporting on spam levels, false positives, malware filtering and other parameters of the cloud security service are important to provide IT administrators with the ability to fine-tune corporate security policies, as well as to determine the overall effectiveness of the security offering. However, while the effectiveness of blocking malicious content is



important, even more important is how malicious content is handled if it has entered the corporate network.

• Are professional services available? While professional services often will not be necessary in the context of cloud security per se, organizations operating hybrid environments may need these types of services to effectively integrate their on-premise capabilities – such as DLP – with cloud services.

Summary Security is a critical issue that is becoming more complex and more difficult to address. As a result, organizations of all sizes need to find new and more effective ways of protecting data and endpoints in their organization, while reducing the cost of doing so to the greatest extent possible. Cloud security capabilities should seriously be considered as a replacement for, or supplement to, on-premise security defenses.

Sponsors of This White Paper AppRiver, a leading provider of email messaging and Web security solutions, was among the first syndicated partners to bring the new Microsoft Office 365 suite to market. With more than 45,000 corporate customers and 8 million mailboxes worldwide, AppRiver is one of the largest hosted security service providers in the world. It is that record of success, and the company’s over-the-top commitment to customer care that made AppRiver a natural partner during the launch of Office 365. With Office 365 from AppRiver, there's no upfront investment in software, updates are automatic and included, and service plans may be tried out for free for 30 days. There are no cancellation penalties and clients are free to leave at any time. That said, the company maintains an impressive 93% customer retention rate since inception and backs its services with award-winning Phenomenal Care™. Every AppRiver customer has VIP access to US-based technicians 24 hours a day, every day. What’s more, a team of trained sales engineers is available to assist customers with complimentary migration to the cloud. AppRiver offers a growing suite of cloud-based security solutions that may be managed within a single, easy-to-use customer portal. Services include spam and virus protection, secure Exchange hosting, email encryption, email continuity, archiving and Web protection. The company is led by an Ernst & Young Florida Entrepreneur of the Year award winner, and has been identified as a Top 20 Cloud Security Vendor in 2011 by Everything Channel’s CRN magazine. For more information, please visit www.appriver.com.

!

AppRiver, LLC 1101 Gulf Breeze Parkway

Suite 200 Gulf Breeze, FL 32561

USA

+1 866 223 4645 www.appriver.com



Proofpoint, Inc. helps the largest and most successful companies in the world protect and govern their most sensitive data. Proofpoint is a pioneering security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance and secure communications. Organizations around the world depend on Proofpoint’s expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. Proofpoint’s cloud-based data protection solutions include: • Proofpoint Enterprise Protection delivers the industry’s most comprehensive threat

classification and email security management solution against phish, virus, spam, and other email-borne threats. Robust outbound email features include outbound spam/virus detection and email policy enforcement.

• Proofpoint Enterprise Privacy provides powerful data loss prevention, protection and encryption capabilities—the easiest and most cost-effective way for organizations to prevent leaks of sensitive data. Powerful policies help organizations protect email data based on the role of specific users. Advanced, deep content analysis monitors and classifies both structured and unstructured data, ensuring that all sensitive information is protected. The policy-based encryption capabilities of the included Proofpoint Encryption solution support both desktop and mobile users, ensuring an easy, seamless experience from any device.

• Proofpoint Enterprise Archive is an on-demand email archiving solution that addresses three key challenges—legal discovery, SEC/FINRA compliance and end user email management—without the headaches of managing email archiving in-house. Proofpoint Enterprise Archive can be utilized for search anytime-anywhere with sustainably fast, reliable performance uniquely backed by a Search Performance Guarantee.

• Proofpoint Enterprise Governance is an enterprise information governance solution that allows organizations to easily track, classify, apply policies and monitor unstructured information wherever it exists across the enterprise. Using patented Digital Thread® technology, Proofpoint Enterprise Governance follows every document as it proliferates and migrates, allowing you to take control of all the unstructured, unmanaged, and de-centralized documents in your enterprise.

Learn more about Proofpoint solutions at http://www.proofpoint.com/products Headquartered in Sunnyvale, California, Proofpoint has offices around the globe including Canada, Japan, the United Kingdom, Asia Pacific, Europe and Mexico.

!

Proofpoint, Inc. 892 Ross Drive

Sunnyvale, CA 94089 USA

+1 408 517 4710

www.proofpoint.com!



SpamTitan, a provider of sophisticated enterprise level email and Internet security solutions, is a global company with customers utilizing their software in five continents. Customers range from small businesses with as few as 10 users to organizations with 40,000-plus users. SpamTitan on Demand offers businesses an on demand private cloud virtual appliance solution providing the most comprehensive protection from email threats, including spam, viruses, Trojans, Phishing, Malware and other unwanted content. SpamTitan’s unique approach in utilizing next-generation virtualization software combined with the cloud eliminates the need for unwieldy hardware and shared resources, giving customers unparalleled flexibility, versatility and scalability but at an affordable price. Integrating best-of-breed technologies. SpamTitan is also used by many Internet Service Providers to offer managed email services to their clients. SpamTitan is one of a select few to have achieved VMware’s Certified Virtual Appliance status and was one of the first products to be awarded the certification. WebTitan is a gateway Internet monitoring, filtering and reporting solution. It offers organizations protection to their data and users from malware and other internet threats such as viruses, spyware, and phishing as well as providing user policy browsing tools to ensure corporate internet policy is adhered to in the new world of Web 2.0.

SpamTitan IDA Business Park

Galway Ireland

+1 201 984 3271

www.spamtitan.com



© 2012 Osterman Research, Inc. All rights reserved. No part of this document may be reproduced in any form by any means, nor may it be distributed without the permission of Osterman Research, Inc., nor may it be resold or distributed by any entity other than Osterman Research, Inc., without prior written authorization of Osterman Research, Inc. Osterman Research, Inc. does not provide legal advice. Nothing in this document constitutes legal advice, nor shall this document or any software product or other offering referenced herein serve as a substitute for the reader’s compliance with any laws (including but not limited to any act, statue, regulation, rule, directive, administrative order, executive order, etc. (collectively, “Laws”)) referenced in this document. If necessary, the reader should consult with competent legal counsel regarding any Laws referenced herein. Osterman Research, Inc. makes no representation or warranty regarding the completeness or accuracy of the information contained in this document. THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED REPRESENTATIONS, CONDITIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE DETERMINED TO BE ILLEGAL. i Messaging and Web Security Market Trends, 2011-2014; Osterman Research, Inc. ii http://www.zdnet.com/blog/security/amnesty-international-uk-compromised-serving-exploits-and-malware/9861 iii http://blogs.technet.com/b/mmpc/archive/2011/12/19/disorderly-conduct-localized-malware-impersonates-the-police.aspx iv http://www.eweek.com/c/a/Security/Mitsubishi-Heavy-Network-Most-Likey-Compromised-by-SpearPhishing-Attack-335314/ v http://www.eweek.com/c/a/Security/IMF-Breach-May-Be-StateSponsored-Spear-Phishing-Attack-526401/ vi http://www.pcmag.com/article2/0,2817,2382970,00.asp#fbid=uW9bd7GksLR vii http://money.cnn.com/2011/10/27/technology/rsa_hack_widespread/index.htm viii http://www.wired.com/threatlevel/2011/04/oak-ridge-lab-hack/ ix http://www.courthousenews.com/2011/11/29/41751.htm x http://arstechnica.com/security/news/2011/03/hackers-spear-phish-infiltrate-french-ministry-of-finances.ars xi http://rixstep.com/1/1/20100126,00.shtml xii http://krebsonsecurity.com/tag/catholic-diocese-of-des-moines/ xiii http://www.networkworld.com/news/2009/092409-construction-firm-sues-after-588000.html xiv http://www.post-gazette.com/pg/09195/983738-57.stm xv http://www.computerworld.com/s/article/9156558/Michigan_firm_sues_bank_over_theft_of_560_000_ xvi http://krebsonsecurity.com/2010/06/e-banking-bandits-stole-465000-from-calif-escrow-firm/ xvii http://www.technologyreview.com/computing/23488/?a=f xviii http://www.bankinfosecurity.com/articles.php?art_id=3159&opg=1 xix http://voices.washingtonpost.com/securityfix/2009/07/an_odyssey_of_fraud_part_ii.html xx http://www.computerworld.com/s/article/9153598/Poughkeepsie_N.Y._slams_bank_for_378_000_online_theft xxi http://www.suite101.com/content/protect-yourself-against-banking-crimeware-a156086 xxii http://www.abajournal.com/news/article/doj_says_massive_decade-old_botnet_helped_web_thieves_steal_millions/ xxiii http://voices.washingtonpost.com/securityfix/2009/07/the_pitfalls_of_business_banki.html xxiv http://gocsi.com/public/dbir

Why You Need to Consider Cloud-Based Security in 2012

Technology

Transcript of Why You Need to Consider Cloud-Based Security in 2012