But PC security can be increasingly enhanced -- with a cloud-enhanced trouble discovery-and-remediation lifecycle approach -- and delivered as services. This reduces the strain on the PC itself, as well as improves the ability to staunch malware problems quickly before they spread.
As a result, new offerings around cloud-based anti-virus and security protection services are on the rise.
Furthermore, Internet-delivered security -- from the low-touch client agent to the fuller managed services -- provides a strong business opportunity for resellers and channel providers. A fuller such solution then allows small and larger businesses to protect all of their PCs, regardless of location, at decreasing -- rather than increasing -- total costs.
To help delve more deeply into the benefits of security as a service, and explore the cloud strengths of managing malware protection more centrally from the Web, I recently moderated a discussion with independent IT analyst Phil Wainewright, director of Procullux Ventures and a ZDNet SaaS blogger, as well as Josu Franco, director of the Business Customer Unit at Panda Security.
Here are some excerpts:
Franco: There are two basic problems that we're trying to solve here, problems which have increased lately. One is the level of cyber crime. There are lots and lots of new attacks coming out every day. We're seeing more and more malware come into our labs. On any given day, we're seeing approximately 30,000 new malware samples that we didn't know about the day before. That's one of the problems.
The second problem that we're trying to solve for companies is the complexity of managing the security. You have vectors for attack -- in other words, ways in which a system can be infected. If you combine that with the usage of more and more devices in the networks, that combination makes it very difficult for administrators to really be on top of the security.
In order to address the first problem ... we need to take an approach that is sustainable over time. ... We found the best approach is to move processing power into the cloud, ... to process more and more malware automatically in our labs. That's the part of cloud computing that we're doing.
In order to address the second problem, we believe that the best approach for most companies is via management solutions that are easier to administer, more convenient, and less costly for the administrators and for the companies.
We don't see the agents disappearing any time soon to protect the [PC] endpoints. [But by] rebuilding the endpoint agent from scratch, ... we get a much lighter agent, much faster than previous agents. And, very importantly, an agent that is able to leverage the cloud computing capacity that we have, which we call "Collective Intelligence," to process malware automatically.
We've just released this very first version of the Cloud Antivirus agent. We're distributing it for free with the idea that first we want people to know about it. We want people to use it, but very importantly, the more people that are using it, the better protected they're all going to be.
Once you've downloaded this agent, which works transparently for the end user, all the management takes place via SaaS. ... We believe that the more intelligence that we can pack into the agent, the better, but always respecting the needs of consumers -- that is to be very fast, to be very light, to be very transparent to them.
[Next we provide] ... a management console [Panda Managed Office Protection] that's hosted from our infrastructure, in which any admin, regardless of where they are, can manage any number of computers, regardless of where they are located.
This works by having every agent talk to this infrastructure via Internet, and to talk to other agents, which might be installed in the same network, distributing updates or distributing other types of polices.
Wainewright: To be honest, I've never really understood why people wanted to tackle Web-based malware in an on-premise model, because it just doesn't make any sense at all. The attacks are coming from the Web. The intelligence about the attacks obviously needs to be centralized in the Web. It needs to be gathering information about what's happening to clients and to instances all around the Web, and across the globe these days.
Really making sure that the protection is up-to-date with the latest intelligence and is able to react quickly to new threats as they appear means that you've go to have that managed in the center, and the central management has got to be able to update the PCs and other devices around the edge, as soon as they've got new information.
... The malware providers are already using network scale to great effect, particularly in the use of these zombie elements of malware that effectively lurk on devices around the Web, and are called into action to coordinate attacks.
You've got these malware providers using the collective intelligence of the Web, and if the good guys don't use the same arsenal, then they're just going to be left behind.
... More and more, in large enterprises, but also in smaller businesses, we're seeing people turning to outside providers for expertise and remote management, because that's the most cost effective way to get at the most up-to-date and the most proficient knowledge and capabilities that are out there.
Franco: In the current economic times, more and more resellers are looking to add more value to what they are offering. For them, margins, if they're selling hardware or software licenses, are getting tougher to get and are being reduced. So, the way for them to really see the opportunity into this is thinking that they can now offer remote management services without having to invest any amount in what is infrastructure or in any other type of license that they may need.
It's really all based on the SaaS concept. [Managed service providers] can now say to the customers, "Okay, from now on, you'll forget about having to install all this management infrastructure in-house. I'm going to remotely manage all the endpoint security for you. I'm going to give you this service-level agreement (SLA), whereby I'm going to check the status of your network twice or three times a week or once a day, and if there is any problem, I can configure it remotely, or I can just spot where the problems are and I can fix them remotely."
This means that for the end user it's going to reduce the operating cost, and for the reseller it's going to increase the margins for the services they're offering. We believe that there is a clear alignment among the interests of end users and partners, and, most importantly, also from our side with the partners. We don't want to replace the channel here. What we want is to become the platform of choice for these resellers to provide these value-added services.