Sophos Pushes Security Management into Cloud

Mike Vizard
Slide Show

Ten Questions to Ask When Writing a Cloud Security Policy

As part of the general movement to push the management of IT security into the cloud, Sophos this week announced that it is rolling out its first security management platform in the cloud.

According to Sophos CTO Gerhard Eschelbeck, Sophos Cloud is part of an effort to reduce the total cost of security by leveraging the cloud to host the administrative software needed to manage Sophos security technologies. Rather than having to dedicate infrastructure to running that software on premise, Eschelbeck says Sophos Cloud makes it more cost effective to manage security via a central console in the cloud that is managed by Sophos.

Putting security management software in the cloud is not a new idea. But for Sophos, Eschelbeck says it represents the first in a series of security offerings in the cloud that will all be optimized to augment IT staffs at small-to-medium (SMB) organizations that have limited resources.

Ultimately, there will never be enough security expertise available to combat attacks that with each year are becoming more sophisticated. The challenge facing IT organizations is to first figure out how to lower the cost of managing IT security without compromising it, and then put in place a framework that makes it easier for third-party IT security experts to manage security on their behalf.

Offerings such as Sophos Cloud are a step in the right direction in terms of administrative costs. But more importantly, they put in place a framework that makes it easier for IT organizations to actually outsource the management of IT security to organizations that specialize in it. Most of the attacks being made today are relatively simple in that they depend on brute force to succeed. As time goes on, however, it’s clear that security attacks are getting more sophisticated and targeted. Given that reality, the time has come for most IT organizations to start calling in the outside expertise needed to not only identify those threats, but just as importantly automate the remediation of vulnerabilities as quickly as possible.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.