Simply Security - News, Views, and Opinions from Trend Micro

Posted on August 18th, 2011 in Cloud Security, Current News by Cloud Security Blog | Be the first to comment |

Gartner recently released their Hype Cycle for Cloud Computing, 2011, which you can see legally reproduced here on the excellent Software Strategies Blog.

While there is a lot of really good analysis in this hype cycle, I just don’t buy the cloud security positioning. Cloud security is positioned so it is about to fall into the famed trough of disillusionment. If the hype cycle was dogma, this would be true, but I’m not so sure here. Almost every other item on the cycle is dependent on cloud security, so much so that you could just cross out the word “cloud” and call it “security.” Surely security isn’t about to drop into a trough of disillusionment, right?

However, I completely buy the Gartner position that most companies have cloud strategies, but few have cloud-centric strategies. That’s one of the reasons I joined Trend nearly a year ago – the fact that our Smart Protection Network is a cloud that handles billions of transactions a day makes much of what we do cloud-centric, and our very focused virtualization and cloud encryption products are 100% bets on the cloud and virtualization. That’s a real cloud-centric strategy, one I actually believe in.

Like everyone else, Gartner is hearing confusion over hybrid clouds, because the bottom line is that a huge number of private clouds are connected to the public cloud, and vice versa. That term is abused by marketing people all the time. In our case, there are clear examples of hybrid clouds (our web gateways on prem, tied to our cloud service, or our SaaS key encryption service providing keys for a private cloud).

I was glad to see Gartner focus on Big Data and also to see it’s headed for the Trough of Disillusionment shortly (next year) based on amazing hype. Of course, then they add fuel to the hype by claiming that Big Data/extreme information management users will outperform their competitors by 20% in every financial metric. Wow, that’s a big claim – it has a date and a big percentage and a direction. Good luck with that one, guys. That said, I use metrics and data visualization straight of out big data  to track my own personal performance & health (see me in this article in The Financial Times), and I think I outperform by 20%. Either that, or I have a big ego.

Gartner is right about there being confusion over PaaS too, saying it’s misunderstood. That’s true, but when I talk with my buddies at Appigy, it sounds like they’re on fire, with no shortage of demand for API metrics and billing for clouds. Even so, PaaS is fuzzy in most IT people’s minds.

It was refreshing to read Gartner’s opinion that SaaS is cheaper for the first 2 years, but gets more expensive over time than in-house software. This is why SaaS is great for startups, but larger companies may opt to stay with in-house (or remotely managed in-house, or IaaS-resident software) vs using SaaS.

Keep in mind though, that every single observation here requires security to be functioning or it simply isn’t viable. That’s why I think cloud security doesn’t fit on the chart the same way some of these other technologies do. Cloud-based security does fit, but security for the cloud does not. It’s a critical distinction that deserves consideration!