Business Issues Channels Enterprise Services SME Technology
Module Header
Craig WentworthMWD Advisors
Craig Wentworth
16th April - Egnyte the blue touchpaper...
Louella FernandesLouella Fernandes
Louella Fernandes
11th April - Managed Print Services: Are SMBs Ready?
Louella FernandesLouella Fernandes
Louella Fernandes
11th April - The Managed Print Services (MPS) Opportunity for SMBs
Simon HollowayThe Holloway Angle
Simon Holloway
11th April - Intellinote - capture anything!
David NorfolkThe Norfolk Punt
David Norfolk
11th April - On the road to Morocco

Blogs > Bloor Security Blog

Why web security is best served in the cloud
Fran Howarth By: Fran Howarth, Practice Leader, Bloor Research
Published: 19th February 2010
Copyright Bloor Research © 2010
Logo for Bloor Research

Most business today is conducted electronically, with the internet a prime communications mechanism and resource for finding and sharing information. Yet its importance makes it a prime vector of attack for hackers that are looking to steal information for commercial gain. Because of this, malware threats are actually on the rise after years of tailing off. The 2009 CSI computer crime and security survey recently reported that malware attacks had been experienced by more than 64% of respondents in 2009, up from 50% in 2008, and making this the most prevalent type of attack seen.

Not only are attacks rising in number, but they are also becoming more complex and sophisticated. The number of variants of particular samples of malware is increasing dramatically and hackers are increasingly using blended mechanisms to make their attacks more effective, for example, using a combination of email and web exploits to increase their chances of success.

Traditional malware defences struggle to cope. Vendors struggle to write fixes for new malware variants as they come to light and end-user machines need to be regularly updated so that they have the latest protection. That can be an administrative nightmare if an organisation tries to handle web security issues in-house.

A better strategy can be to outsource the service to experts--and especially those offering software-as-a-service offerings based in the cloud. Such services are backed up by resource centres staffed with researchers who are constantly looking for the latest threats and scanning websites for potential exploits. By using advanced techniques, such as heuristics that look for particular behaviour associated with malware, rather than trying to fix a problem with a signature, so that previously unseen threats can be stopped in their tracks.

And the use of a service based in the cloud means that those threats can be stopped at there point where they are emanating from--the web--so that no exploits actually reach an organisation's network. This not only has the benefit of better protection against web-based threats, but can also mean lowered costs for the organisation as the service is delivered on a subscription basis, meaning there is no capital expenditure required on software licences and the hardware needed to run them.

This subject is discussed in greater detail in a series of papers, of which this is the first: The realities of web security


Published by: IT Analysis Communications Ltd.
T: +44 (0)190 888 0760 | F: +44 (0)190 888 0761