Greg YoungTap dancing is the mother of invention. This morning at MES I delivered a new presentation “Network Security Best Practices for Midsize Enterprises”, for the first time. Although I covered all the acronyms, I realized about halfway through that I was talking a lot about In The Cloud security and comparing it to MSSP services, but it needed a clear definition to really cut through the current hype.
“MSSPs provide an off-premise service for customer premise equipment (CPE), whereas ITC is off-premise services for off-premise equipment”.
This afternoon I spoke this with my colleague Kelly Kavanagh who is Gartner’s lead on MSSPs and security services. Kelly said “That’s accurate — I would also add a third definition. ITC requires bandwidth as an adjunct service, whereas remote service absent an adjunct fits the security as a service definition”. He explains that you can’t buy ITC firewall without buying the network, because that’s were the firewall is. You can however buy anti-spam without buying network or anything else from that same vendor.
So our expanded definition is: MSSPs provide an off-premise service for CPE. ITC is off-premise services for non-CPE. If the ITC doesn’t come with the network, it is security-as-a-service.
The other piece of advice during the talk was that anyone looking for some quick investment cash should start a company advertising agentless-In-the-Cloud-virtualized-green-PCI-open-source-security-as-a-service. I think I need to stop working on the Hype Cycle…
Comments Off
Category: Security Security Events Tags:
