Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

Security as a Service: Guide to Cloud Solutions

Security as a Service: Guide to Cloud Solutions

Software as a service (SaaS) is an increasingly popular way to acquire business software, especially in areas such as human resources and accounting, but security may be one of the best application areas for SaaS.  

Getting a handle on security in your business is no small feat.You have to protect endpoints that range from PCs running older versions of Windows to mobile devices running Android and iOS operating systems. Windows and Linux servers may be running back office programs as well as customer facing applications that need constant monitoring and patching. Your email system is a prime target for attackers pushing phishing scams, botnet malware and other malicious content. To make matters worse, your adversaries are specialists who can invest time and resources into improving their techniques and avoiding your defenses. 

For many small and midsized businesses (SMBs), information security is a priority but the needed expertise and funding are difficult to maintain. One option for SMBs is to use a managed security service that provides a full suite of services, from anti-malware applications to security consulting. Managed security services might, for example, deploy security devices on your network and then monitor and manage them. An alternative to that model of outsourcing is security as a service.

Security as a service providers offer a range of options, from comprehensive security packages to specialized services for email to targeted security functions such as vulnerability scanning.

Vendors such as McAfee and Trend Micro offer customers comprehensive security services that include features such as hosted email security, email encryption, and endpoint device protection.

Email security is especially well suited for SaaS-based security.Inbound email can be scanned and filtered by a security provider before it reaches your network. This can help mitigate the risk of malicious content from reaching your end users. It is especially important for social engineering attacks, such as phishing scams, that can trick even security conscious users into inadvertently enabling malware to be installed on their devices.

These cloud security services can offer network scanning protection as well. Since these products are offered as SaaS, customers do not have to install and maintain hardware or software on premises. Instead, Web traffic is routed to the security vendor's site where it is scanned for malicious content or links to potentially malicious sites.