More

    Sophos Pushes Security Management into Cloud

    Slide Show

    Ten Questions to Ask When Writing a Cloud Security Policy

    As part of the general movement to push the management of IT security into the cloud, Sophos this week announced that it is rolling out its first security management platform in the cloud.

    According to Sophos CTO Gerhard Eschelbeck, Sophos Cloud is part of an effort to reduce the total cost of security by leveraging the cloud to host the administrative software needed to manage Sophos security technologies. Rather than having to dedicate infrastructure to running that software on premise, Eschelbeck says Sophos Cloud makes it more cost effective to manage security via a central console in the cloud that is managed by Sophos.

    Putting security management software in the cloud is not a new idea. But for Sophos, Eschelbeck says it represents the first in a series of security offerings in the cloud that will all be optimized to augment IT staffs at small-to-medium (SMB) organizations that have limited resources.

    Ultimately, there will never be enough security expertise available to combat attacks that with each year are becoming more sophisticated. The challenge facing IT organizations is to first figure out how to lower the cost of managing IT security without compromising it, and then put in place a framework that makes it easier for third-party IT security experts to manage security on their behalf.

    Offerings such as Sophos Cloud are a step in the right direction in terms of administrative costs. But more importantly, they put in place a framework that makes it easier for IT organizations to actually outsource the management of IT security to organizations that specialize in it. Most of the attacks being made today are relatively simple in that they depend on brute force to succeed. As time goes on, however, it’s clear that security attacks are getting more sophisticated and targeted. Given that reality, the time has come for most IT organizations to start calling in the outside expertise needed to not only identify those threats, but just as importantly automate the remediation of vulnerabilities as quickly as possible.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles