Information AboutSecurity-as-a-service |
| CATEGORIES ABOUT SECURITY-AS-A-SERVICE | |
| business models | |
| security | |
| services management and marketing | |
| service-oriented business computing | |
| software as a service saas | |
|
Security-as-a-Service refers to the practice of delivering traditional security applications as an Internet-based service, on-demand, to consumers and businesses. Security-as-a-Service is analogous to the conventional Software-as-a-Service model, whereby security applications are delivered as a service using the Internet as the delivery mechanism. In the consumer market, the most common of these are the “anti-“ suite, including anti-virus, anti-spam and anti-spyware. In the enterprise market, Security-as-a-Service refers to the delivery of second-tier infrastructure components, such as log management and asset tracking, in a service-oriented fashion, also leveraging the Internet as the delivery and access mechanism. HISTORY The term ‘Security-as-a-Service’ was first used in the consumer market in the year 2001. McAfee filed a controversial patent for delivering security software as a service over the Web in August 2001.http://www.theregister.co.uk/2001/08/07/mcafee_files_patents_for_security// The Register: McAfee files patents for security as a service In the enterprise market, security services vendor Vigilar introduced the first enterprise security-as-a-service solution with the introduction of its ATLAS solution in June 2007. http://www.vigilar.com/press/press061807.html// Vigilar Unveils ATLAS Security as a Service Vendors in the SMB market who deliver “Security-as-a-Service solutions include McAfee, Watchfire, and Jamcracker. In the enterprise market, vendors who provide security-as-a-service solutions include ISS, Panda Software, Qualys, and Vigilar. WHY SECURITY-AS-A-SERVICE Certain aspects of security are uniquely designed to be optimized for delivery as a Web-based service. These include:
KEY CHARACTERISTICS Security-as-a-Service applications are generally priced on a per-user basis on the consumer side, and a per-device basis on the enterprise side. Pricing may also depend on bandwidth and storage requirements. SaaS costs to the buyer and revenue streams to the vendor are therefore lower initially than traditional software license fees, but are also recurring, and therefore viewed as more predictable, much like maintenance fees for licensed software. In addition, because the functionality is delivered as a service, rather than a device or piece of software, fees fall under operating expenses, rather than capital expenditures, for most customers. SECURITY-AS-A-SERVICE VS. MANAGED SECURITY SERVICES Unlike previous generations of Managed Security Services, security-as-a-service does not require the customer to give up complete control over their security posture. Instead, internal administrators can control their security policies, upgrade systems, etc. via a web-based interface. Internal administrators maintain control of their security policies and can change them without calling an outsourced provider, but at the same time gain useful information regarding a devices status and history (uptime, current and past patch levels, outstanding support issues) and other device-centric information on demand via a web interface. SEE ALSO
EXTERNAL LINKS
REFERENCES |
|
|