6 Responses Nov 13
ruthvik
Work2.docxCharnjeet Work:
Cloud computing has made the most unthinkable of computing resources such as security to be delivered as a service. Abbreviated as SECaaS, security as a service is a type of outsourcing where another party outside an organization handles and manages security. Instead of local delivery of security solutions such as the installation of virus prevention and spam filtering software, they are provided over the internet. At the, most basic form, SECaaS is seen in the use of anti-virus software on the internet.
SECaaS is delivered in a variety of forms including subscription, free of charge, and payment of services after use. According to Kim, “The use of this methodology has several benefits over the traditional method that involves an organization creating its capabilities for delivering security to its operations” (Kim, 2016). One other most important benefit is that an organization works with updated and latest tools in the market. Effective security tools such as anti-virus require frequent re-definitions to improve their abilities to stop emerging threats. With SECaaS, security tools are regularly updated to respond to new threats.
Consequently, the organization will not have to worry about users of its resources, updating their security tools. Secondly, security is offered by experts in the field of cyber security who have specialized in the software and measures to ensure the security of services. Consequently, the organization will get updated and the latest tool available for their activities. The experts have more experience and higher skills set than when an organization has its own.
According to Nanda and Jaeger, “Another vital benefit of security as a service is the lowered cost of security. Enterprise security is an expensive item in an organization’s budget” (Nanda, Sun & Jaeger, 2015). According to research, the cost of network security has been growing and will continue to grow as organizations continue to leverage technology in their day-to-day activities. Hiring full-time employees with knowledge and skills in cybersecurity is also a vital budget expenditure in organizations. With the cost of recruitment and remuneration of employees, acquiring the tools of security and maintaining cybersecurity resources being significantly high, organizations save a significant amount of money by acquiring the services from third parties. Also, outsourcing security services allow organizations to focus their resources on other details, such as strategic management. This approach hence has the opportunity of improving productivity in an organization.
SECaaS also allows for centralization of command and management of security hence increasing the ease of operation. With the increase in regulations in IT, such as meeting compliance requirements for data loss prevention and protection, it is important to have ease of access to security management. SECaaS bring all components of security together under one umbrella. With this capability, an organization can coordinate, track, synchronize, and manage threat prevention measures. According to Hariharan, “With the provider delivering centralized management measures to security, such activities and functions as policy management, monitoring, and configuration management are easily handled. This centralization allows for scaling of organization security for improved deliberation” (Hariharan & Tapaculo, 2014).
In conclusion, SECaaS allows for a simplified and advanced approach to cybersecurity. With security threats being hatched fast and advancing the attack on organizations, it is necessary to get updates as quickly as possible. SECaaS allows for speedy and accurate updating of security tools by experts. Also, SECaaS allows for a cost reduction and freeing up resources for other organization operations. Though SECaaS, security measures are synchronized, allowing for ease of monitoring, configuration, and other processes in the organization.
References
Kim. J. (2016). Benefits of cloud computing adoption for smart grid security from security perspective.
Sun. Y, Nanda. S & Jaeger. T. (2015, November). Security-as-a-service for microservices-based cloud applications.
Hariharan. V& Tapaculo. U. (2014). Security as a service model for cloud environment.
Dushyanth Work:
Week 12 Discussion Security as a Service
Organizations have kept on increasing their awareness on cybersecurity. “With more transactions being conducted online across the internet, businesses transmit and receive large volumes of data daily” (Elliott, 2020). The cybercriminals tend to target these data, and can risk lots of time and resources. The compromise of the networks allow the hackers control consumer data and can even sell or seek ransom. Therefore, the management has no option other than investing the Security-as-a-Service (SECaaS).
The strategy allows the management to automate manual tasks. It can facilitate the configurations made during network security set up. For instance, there are user account setups, firewall configurations, and disaster recovery configurations. The processes tend to be repetitive and can waste time if they were to be done manually. “Additionally, doing these tasks manually may lead to mis-configuration during the setup process or the omission of a critical setup step or configuration” (Elliott, 2020). The errors of omission and misconfiguration are very risky to the organization. they increase exposure to vulnerabilities and lose of customer trust.
Elliott (2020) claims that, “One benefit of SECaaS is that it helps to reduce the number of items that are manually configured.” The inference shows that one cannot automate all operations. The operations that become automated improves speed and efficiency of the setup process. They also encounter reduced error risks and improve resilience to attacks. The organizations also use SECaaS to safeguard themselves from new threats. “As cybersecurity specialists develop solutions to existing cyber threats, cyber criminals continuously devise new and innovative ways to evade detection and successfully compromise business networks to steal their data” (Elliott, 2020). Thus, the management has to improve their response and identification of emerging threats.
The Security-as-a-Service endeavor also assists in analyzing skills gap. The management has to hire in-house security professionals to oversee the running of business-critical processes. “By determining which activities, such as software configuration, maintenance and disaster recovery, can be managed by SECaaS or managed security services (MSS) providers, organizations can better prioritize their limited time and resources” (Byrne, 2018). The increased technological advancement has increased the tools available to the cyber criminals. Therefore, firms cannot hire all the needed security professions. The solution to high demand and scarce skills is SECaaS investment.
Organizations have a lot to benefit from SECaaS providers. For instance, they gain interoperability, where they avoid instances of vendor lock-in. They can also benefit from reduced total cost of ownership (TCO). However, they have to “read the fine print and be sure that you get the language right, or else you might end up paying more with your chosen package than a similar one with a nominally higher advertised rate” (Brook, 2018). The service level agreement has to be understandable to all parties. The providers also assist in reporting of major security events and attack logs. The management need not invest in on-premise security management tools. It outsources roles like risk management and implementation, void of raise security management costs.
References
Brook, C. (2018, December 5). What is Security as a Service? A Definition of SECaaS, Benefits, Examples, and More. The Digital Guardian, np.
Byrne, L. (2018, February 8). SECaaS Is Where It’s At: Why Security-as-a-Service Is the Next Big Thing. Security Intelligence Article, np.
Elliott, M. (2020, March 31). 5 Reasons Security as a Service is a Good Investment. New Cloud Networks, np.
