In spite of how long I have been in the high-tech industry, one image always comes to mind when I think of security: a cartoon that came out around the mid-1990’s, as PCs were running rampant through corporate enterprise environments.
The cartoon depicted two dogs; one dressed in a business suit standing in front of what is clearly a security desk, and the other behind the desk in a uniform and badge. The caption was “I’m sure you are who you say you are but I still have to sniff your butt nonetheless.”
Even in the good old days of business-purchased and -owned devices, preventing data leakage and enforcing good security policy was problematic at best. Much was done in the name of security, including “locking down” desktops and removing physical I/O devices that we all eventually jettisoned anyway (think about how many current PCs/laptops lack optical drives). Single identity and sign on spurred much of the directory-service wars between Novell, Microsoft and Banyan. Have we really gotten any better since then? What does security mean in the emerging cloud ecosystem? Have we merely shifted an ongoing issue to another part of the ecosystem?
You may be surprised to read that I believe that cloud has some great things going for it with respect to addressing these security concerns. Assuming that identity continues to be hosted by third parties (Live, Google, Facebook and LinkedIn, for example), securing data could very well become easier rather than harder. In the good old days, data could walk out of a company in the form of a laptop, floppy, USB or removable drive. Pure cloud deployments (data center, cloud apps and clients such as a ChromeBook) could make such occurrences rare, especially when the likes of Amazon offer two-factor authentication to help reduce the incidences of stolen identities—at least when it comes to high-value identities.
One interesting evolution we have seen revolves around hybrid cloud, where extending the corporate data center to an off-premise third party holds all the promise of reduced costs with the addition of agility and disaster recovery. I have previously discussed the new breed of providers in this space, but what is interesting is not that they are selling cheap computing assets, but rather that they often sell off-premise cloud with security endemic to the offering. It may be off-the-shelf technology or homegrown, but regardless of such details, it whets the appetite of customers wanting off-premise cloud, security of their external data and a single vendor with whom to deal. Judging from the recent growth of such providers, this is proving to be a value that nearly sells itself.
This just hints at the opportunities in this area, of course. Case in point, I recently met with several venture capitalists and the among the hot spaces they track for investment are “data leakage” and consumerization of IT, both of which speak to the continuing demand for enhanced and yet easy-to-live-with cloud security.
Stay tuned, it’s about to get very interesting as both consumers of IT and overseers of IT wrestle to create a common vision that satisfies both parties.
JD Marymee is the CEO and co-founder of Technology Innovations Group, an organization that drives disruptive innovation as a daily mission. As part of that mission, he advises numerous startups and larger firms, facilitating connections with the investment community.
Image: Gor Grigoryan/Shutterstock.com