Cloud Computing To Bring Security App Shift, Report Says

Revenues for hosted security apps are expected to triple over the next five years

Microsoft's Chief Architect Ray Ozzie dubbed it a "Web-catalyzed services transformation," and some say the sky will be the limit for cloud computing in the enterprise. However, there still will be a strong need for information security -- even in the clouds. A new Gartner Inc. research report, released on Tuesday, predicts growth in the online security application industry segment as companies gravitate toward using hosted applications.

Revenues for hosted security apps are expected to triple over the next five years, from 20 percent of the revenue in 2008 to 60 percent in 2013, according to the report, "Cloud-Based Computing Will Enable New Security Services and Endanger Old Ones."

As companies adopt cloud computing, the security space will be reshaped, according to the research think tank. Gartner defines cloud computing as a system where "massively scalable IT-related capabilities are provided 'as a service' using Internet technologies to multiple external customers."

The "messaging security controls software" segment currently represents the big seller among security software vendors, according to Gartner. These vendors focus on malware and spam detection, e-mail filters, and instant messaging code cleaners.

The upcoming shift in the security application segment was not unexpected. IT prognosticators have known for a while that the boxed software model had only so much time. The shift will be good for start-ups and existing security app vendor heavyweights who want to team up with the Microsofts and VMwares of the world.

However, IT pros will face the challenge of maintaining browser-based security under the new cloud computing model.

Gartner and groups such as the Center for Internet Security warned last year that the increased use of cloud-based or virtual distribution services -- i.e., such as or Google Apps -- will create avenues for attack. Critical business data might be accessed remotely without touching the corporate network or even having to log-in.

Security controls will have to be placed between mobile users and cloud-based services. Moreover, virtualization won't make things easier. Gartner claimed that by early 2009, 60 percent of virtual machines, which include the apps sitting on them, will be less secure than their physical counterparts.

"What virtualization does is it complicates and compounds the threats," said Nancee Melby, a senior product manager in virtualization for Shavlik Technologies. "It may be easier to install a virtual program but it's also easier to roll out a new virtual guest system than it is to go into a room and push a physical server out. There will be a substantial increase in the number of logical operating systems and applications sitting on virtual servers and it's exciting but there is work to do."

-- Jabulani Leffall

Must Read Articles