Currently there is a movement of technology companies that are migrating or linking services in the Cloud. Could this phenomenon stop?
It could be inferred that the change of technology is happening.
By Osvaldo Callegari*
The Cloud, famous paradigm of the way in which people link their data, successor of once perfect models, with more doubts than certainties is adapting to the times we live. Today the need to be connected and safe go hand in hand, this premise allows us to inspect or find out what service providers do to adapt.
As usual in the column we gather experiences and knowledge of business solutions that are already working in this market. Today we interviewed Ignacio Conti regional manager Sola of Bluecoat Systems and he told us about his experience.
"BlueCoat was a company dedicated to the optimization of web browsing for about 15 years, at that time it was sought to make caching to streamline access to content, then that part of the business became important but took on greater importance the security of the processes. Once we had the access optimized, the need to secure it arises, becoming our main core of the business: Apply Security in the use of the Internet.
Recently we have refocused our commercial strategy, a series of acquisitions were made in the world of security, we sought to guide the company with a concept that has to do with facilitating the use of technology by companies safely and with good performance.
Currently there has been an explosion of mobile devices of the most varied, ranging from smartphones to tablets, reach affordable high-performance computers on the market many times faster than those offered by companies in their offices, adding to these new interactive devices such as smart TVs, game consoles, all interconnected to the Internet. The new generations demand new features and services, which implies a very high load of computer security in the business sector, non-existent until recently.
The question is how does a company make it easier to use all this technology so good, so dynamic and easily accessible to employees? It is possible to acquire a mobile computer with very simple and at the same time very powerful applications but that imply a risk of a door to security that needs to be controlled and secured by the person in charge of computer security within the company.
This is Bluecoat's business focus; its products or technological solutions aim to provide security in this wide range of benefits and services.
The most recent acquisition is related to the web security cloud service for all those users who are not sitting in their office but are traveling the world, cities or working on the street and need to have the same security they would have if they were sitting at the desk of their office.
Cloud services are now in Latin America, with investment in equipment to provide a local and immediate service to users.
These features currently travel to the United States and return, today it is possible to use them in a more agile way. The company has large solution centers within the Cloud.
The first has to do with security and security policies, not only do you have to protect but know who? How? and When? Understand well who the user is regardless of the device that is browsing, the place where it is and regardless of the time of day that is connected.
When applying secure policies, it is mandatory to know the user we are following to protect them. Policies are established that adapt to the instance in which one is, the employee working is not the same as the employee in his free hour or at home at night, it also requires adjustments so that it is not intrusive.
What is controlled during the day in the work schedule, at night at home is allowed to be done, since it is the time of privacy or free time. All this service is associated with performance. When the IT response is not according to the circumstances, the user acts in the shadows avoiding these controls and putting the company at risk.
When these services are used, it is necessary that they load quickly without detriment to the bandwidth of the company, avoiding consuming the resource in an exaggerated way, using different techniques to achieve two great objectives: not to waste the resources that we know is expensive and on the other hand that the user does not abandon it due to slowness.
So that you can continue to work the way you are used to or that you intend to work today, always connected, always fast, often agile, which sometimes is not the case. The mobile infrastructure still does not have the answer it should have, if the focus is oriented to navigation and its security.
Mobile product companies follow the same path, identify the device, know who it is, what type it is, if it is routed in the case of Android, what operating system it has, what applications it has loaded, from there apply certain restrictions, for example limit the use or installation of this type of applications or I allow you to use these applications. All this is very good but it is not enough.
Our position is that it is an excellent starting point, we use alliances with these companies but what is always vulnerable as an open door is what the user does with the device on the Internet, it happens that when a person uses the phone or mobile device two things happen, one is that he uses the application that he already has installed with the means of use secured and protected or uses the native browser, in which there are risks since there is no control within what you browse, the threats are true without depending on the equipment used even if it is a desktop computer.
In that place we apply our products and services. For example, not using the Facebook app on your tablet, why? Because I do not want you to waste time using social networks while working, which makes the user use the same access on the web, m.facebook.com and is inside.
It is possible to facilitate access to Facebook but with internal controls, preventing malware or harmful applications from being downloaded leaving that computer is infected.
That is for example a type of policy that we apply, they are released outside of working hours but safely. There are cases for example within the policies of the company that want social networks to be used, the IT manager knows that it brings a risk entailed, this generates a dilemma if it blocks them is the bad guy of the movie and if there may be no risk that he is fired for allowing a vulnerability, for this a gradual adjustment of flexible policies is offered that allows social networks to work but with rules specific security non-limiting or controlled, so that not everyone has anything.
Employees are informed that applications are open but that modules that have malicious content are blocked.
Other companies have been integrated that work with large volumes of data such as Internet traffic in an encrypted way, within travel mails and other information. A report of all internal transactions can be obtained in order to apply security policies to avoid threats.
Each device generates a log (data log), a firewall makes a log, an antivirus makes a log, any solution generates a log, with the logs you can work but it does not reach. It is like having a detailed phone bill, day, date and time but you do not have the call itself between those who made it. By acquiring the company Solera Network, a service is incorporated into the portfolio that what it does is record the call and everything else that happens in the network, that is, all the traffic, stored in a special scheme.
Not only does it record them but it is analyzing them with a series of Bigdata algorithms (those data that do not exist in tables), enriching with the current knowledge that is had in order to optimize the supervision, integrating with the Ips, firewalls and other security applications. This system allows a perfect follow-up of the records, which file was sent, from whom to whom, in what way etc.
Reconstruct for example an email with confidential information, as you have all the data it is possible to access its interior perfectly. With this tool the client has the ability to perform forensic analysis of all the information of his company.
It is integrable with all the security devices that are installed in the company, it is like a security layer or annexed in a transparent way.
Blue Coat Cloud Service is based on a global cloud infrastructure that delivers performance and scale with a 99.999% service level guarantee. To take advantage of this global network, the Blue Coat Cloud Service has three exclusive services: the Web Security Service, the Mobile Security Service, and the Hosted Reporting Service.
The global cloud infrastructure is part of Business Assurance Technology. Each of the five Business Assurance Technology hubs (Security and Policy Enforcement, Enabling Mobile Access, Trusted Apps, Performance and Resolutions) can leverage the global network to incentivize businesses to use the best devices, technologies and services available on the market.
The change of model (The Cloud) and Virtualization favor Ecology avoiding the sending of CO2 to the atmosphere improving our quality of life.
In successive articles we will deal with topics of interest related to the Cloud and Virtualize, it is of vital importance to know the concerns of the reader regarding it, given that in the end they will be the users of such a long-awaited infrastructure model, the exchange of opinions as it has been in other environments enriches and sustains the projects.
The names and trademarks mentioned are names and trademarks of their respective companies. For more information on the web visit www.bluecoat.com
*Osvaldo Callegari is an information systems analyst, analyst programmer, consultant in the Latin American chapter of Security. If you wish to contact him write to [email protected]
Leave your comment