The cloud offers its customers many benefits, such as on-demand scalability, payment according to resource usage, and access to data and applications from anywhere in the world. Despite these features, security remains the major issue in the cloud. Customers are reluctant to move to the cloud because of the data breaches that have been reported, including the iCloud hack, Target, Home Depot, Sony Pictures and the United States Internal Revenue Service. With the rapid increase in the use of cloud-based services such as Dropbox, Google Drive, Amazon EC2 and Azure virtual machines, customers are more vulnerable to cloud security attacks.
Threats to cloud security can affect the image of the cloud vendor and can also endanger the customer's proprietary data. To provide security assurance in the cloud, SeCaaS (Security as a Service) was introduced.
SeCaaS is a model in which cloud providers integrate their security services into the enterprise/organization infrastructure on a subscription basis. It is based on the Software as a Service (SaaS) model, applied to specialized information security services. The major goal of SeCaaS is to secure information systems while meeting the business objectives of the organization. It helps to preserve the three pillars of information security, i.e., confidentiality, integrity and availability.
SeCaaS is offered in various forms, such as subscription, payment for the resources used, and free of charge. Cloudbric, Cloudflare and Incapsula are some of the examples that fall under
The Cloud Security Alliance has identified various categories of security as a service offerings:
Identity and Access Management: This category involves managing access to various enterprise resources by verifying the identity of the entities and granting the correct level of access to the entity on the basis of authorization.
Data Loss Prevention: This category includes protecting the data in the cloud in every state, i.e. data at rest and in motion.
Web Security: This category involves providing real-time protection by redirecting the web-traffic to the cloud provider and then forwarding the clean traffic to the customer.
Email Security: This category provides control over outbound and inbound emails, thus protecting the customer from phishing and malicious attachments in email.
Security Assessments: These are audits of cloud services performed by a third party, or assessments of on-premises systems via cloud-provided systems.
Intrusion Management: This category covers intrusion detection and prevention, using an anomaly-based approach to respond to unusual events.
Security Information and Event Management (SIEM): SIEM analyses and correlates security-related event logs and provides real-time reports and alerts on the security issues that may require urgent attention.
Encryption: It is the process of providing private and public cryptographic algorithms for the security of data at rest, in motion, etc.
Business Continuity and Disaster Recovery: It is the process of ensuring that business objectives continue to be met in the event of any failures.
Network Security: It includes security provisions that allocate access to, and protect, the underlying network resource services.
Some of the advantages of SeCaaS include:
- It reduces the overall TCO (total cost of ownership) because there is no upfront capital expenditure for all the security appliances.
- Content filtering and anti-spam services hosted in the cloud give a 75% reduction in the emails entering the organization's network as spam.
- Security solutions hosted in the cloud provide better security by using multiple malware-scanning systems, compared to the single malware-scanning system present on-premises.
Some of the risks of SeCaaS include:
- Domino Effect: If a service is hacked or broken, it can lead to a cascading security malfunction.
- Shared Nature: Shared tools can be a major solution. The centralized solution restricts the customers' ability to customize their services.
One of the major challenges of SeCaaS is developing a universally accepted framework for security delivery. Other challenges include malicious insiders, shared technology vulnerabilities, data leakage, and traffic or service hijacking.
There are mainly two types of SeCaaS providers. The first type consists of existing information security companies that are changing their delivery methods to include services delivered by the cloud. The second type consists of information security companies that are emerging as pure cloud service providers, offering security only as a cloud service.
Some of the likely users include:
- The SMB sector, which wants to reduce initial CAPEX and wants fast deployment of security services.
- Smartphone users: many users work from remote locations, so security solutions have to be extended to these users as well.
According to Gartner, identity management and SIEM will be the fastest-growing areas in security as a service. The services can be provided to customers in a hybrid manner, alongside legacy solutions, to improve effectiveness. Security, when deployed correctly and combined with the benefits of the cloud, can be a compelling option for customers.