Menu
​How can partners sell Cloud security to CISOs?

​How can partners sell Cloud security to CISOs?

Role for the channel as CISOs continue to struggle with Cloud strategies and hundreds of apps used across the enterprise.

As Chief Information Security Officers (CISOs) continue to struggle with Cloud strategies and hundreds of apps used across the enterprise, partners should focus on three core areas to help edge deals across the line.

Irrespective of organisation, security professionals continue to face a Cloud security problem, yet remain hesitate to use Cloud service providers.

However, employees often use hundreds of applications, particularly Software as a Service (SaaS).

“Are you the goldilocks of Cloud security?” Gartner Research Vice President, Jay Heiser, asked.

“Often, no corporate Cloud policy or security project feels “just right.” Cloud computing creates a lot of complications for the whole enterprise. From a security and risk management point of view ambiguity is especially difficult to deal with.”

For Heiser, one of the main dilemmas with introducing official policies on Cloud computing, is that no one can agree what Cloud computing actually means.

“While CISOs view Cloud computing as a style of computing, other parts of the enterprise view Cloud computing as ‘things accessed over the internet’,” Heiser added.

Three areas of Cloud security

Regardless of how groups define Cloud computing, Heiser believes ir is essential to have a strategy and policies for how to use the Cloud.

As a result, partners should help enterprises focus on the three primary areas of Cloud security concern.

Multi-tenancy

Multi-tenancy, where enterprises share space with other customers, provides limited flexibility in services.

“With data out of the physical control of the enterprise, security becomes a concern,” Heiser explained.

In fact, 38 per cent of companies who don’t plan to use the public Cloud cited security and privacy as the main reason.

However, companies may be using security/privacy as a scapegoat for fears about relinquishing control over data and a major shift in the status quo of how enterprises are used to operating.

“There’s been no correlation between security failure and the degree of multitenancy,” Heiser added. “Sometimes hybrid is a way that some organisations can become more confident in how to explore using the public Cloud model.”

Virtualisation

Heiser said virtualisation requires different vulnerability management and patching processes for the Cloud environment.

“Organisations will use different tools to manage virtual machines,” he added. “Plus, its complex, dynamic, and distributed nature means that there is no physical indication for safety such as the traditional ‘blinking lights’.”

SaaS

SaaS applications offer an increasing level of security and control functionality. However, they are mostly under the control of end users, offer minimal transparency, and offer no customisation.

“To add to the complexity, many enterprises often have at least 200 and up to 1,000 SaaS applications in use,” Heiser added.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags GartnerCloudsecurity

Slideshows

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise

Ingram Micro completed its nationwide roadshow in Auckland last month, kicking off its Innovation Hour series with Hewlett Packard Enterprise. Uncovering the latest in storage, networking and servers, the event outlined key market trends for resellers in 2016 and beyond.

IN PICTURES: Ingram Micro Innovation hits Auckland with Hewlett Packard Enterprise
IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference

FireEye welcomed 143 channel partners and distributors to FireEye's 2016 annual Partner Conference, FireEye A/NZ Momentum - held at Establishment in Sydney. Delegates heard from senior trans-Tasman channel leaders, marketing and the product divisions in the morning, with FireEye customers, incident responders and threat intelligence analysts sharing knowledge during the afternoon.

IN PICTURES: FireEye celebrates channel at 2016 Partner Conference
Show Comments