1
Changing Security as We Know it
Philippe CourtotChairman and CEO, Qualys Inc.
How Cloud Computing is Changing the Enterprise Security Landscape
2
It is a New World.. And there is an App for that
Corporate data Wants to be availableFrom anywhere at anytime to anyone
3
of corporate data resides unprotected on PC desktops and
laptops
50% It takes 29.5 days
on average to eliminate half of known critical
vulnerability on corporate networks
Securing the enterprise is getting harder and becoming in fact an impossible challenge
laptop computers will be lost or stolen within 12 months of purchase
1-out-of-10
4
Too many variables
Too many security patches
Very long software release cycle
Technology is moving too fast
and the burden is all on Enterprises
Software applications served to the user via a browser. (e.g. Google Apps, NetSuite, Taleo, Salesforce.com, Lotus Live) or via devices connected to a data center via the Internet (e.g. iTunes/iPod, Qualys, Amazon Kindle)
Software as a Service (SaaS)
Hardware, storage, database, networking infrastructure running a network service. (e.g. Amazon EC2, Microsoft Azure)
Infrastructure and Platform as a Service (IaaS, PaaS)
Cloud Computing answers the IT business needs of agile, 21st century economies
No IT resources needed
Delivery model that scales
Easier to select vendors
Disruptive business model
The current financial and economical crisis is now accelerating the adoption
Natural resistance to change
Internet limitations
Internet bubble
There is a tsunami of Enterprise SaaS Solutions now coming to a browser near you
It has been already 10+ years
8
Security can be made more granular and invisible in the cloud
Why is this possible?
Are there examples already?
It is all about the data and how to securely share it
A Counter Intuitive Reality
9
Accelerated consolidation
Major shift in buyers
Emergence of new players
It is not about the survival of the fittest or the biggest, but of the one who adapts
For the Security Industry
10
Resistance is not an option
Dealing with more complexity
A more strategic role
For the Security Professionals
Change always brings new opportunities to those who embrace it
11
Missing technologies–A more secure and advanced browser–Stronger authentication (federated in the cloud)–Secure open protocols and standards
Legal and contractual framework–Stronger SLA’s – Independent audits and compliance–Data privacy, location and ownership
12
Security Community Initiatives
Cloud Security Alliance (CSA)www.cloudsecurityalliance.org
The Jericho Forumhttp://www.opengroup.org/jericho/index.htm
13
.. and it is our job to verify
Thank You My special thanks to all of our early adopters
Top Related