Welcome!

SDN Journal Authors: Liz McMillan, Yeshim Deniz, Elizabeth White, Pat Romanski, TJ Randall

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security, @DXWorldExpo, SDN Journal

@CloudExpo: Article

Selecting Cloud Security Brokers: 'All-in-One' or 'Best-of-Breed'?

A solution that 'concentrates on robust functionality' in a critical new area or an offering that’s a 'mile wide & inch deep'?

When we set out to build the PerspecSys Cloud Data Control Gateway, we faced an important design decision: would the market prefer an "All-in-One" or a "Best-of-Breed" Cloud Security Broker?

In the "All-in-One" camp, IT professionals have come to learn that the bundled modules from a single vendor have significant gaps in features that frequently lead to critical capability holes with implications ranging from operational scalability to compliance and security. Failing to address these shortcomings can be devastating for companies, potentially leading to financial loss and brand damage. This is because "All-in-One" products tempt enterprises by offering multiple solutions, many of which the customer was not even considering using. Most of these complimentary modules do not make any of the industry-validated lists (e.g., Gartner Magic Quadrants) for capability or quality, and as a result are frequently not even mentioned in research or analyst rankings.

Most organizations we talk to have already decided on their enterprise requirements, and made their selections of robust Encryption and Key Management, Single Sign-on (SSO), Malware Detection, Secure Web Gateway (SWG), Data Loss Prevention (DLP), and so on as they tackled these issues in the maturation of their security infrastructure. For example, CIOs tell us "don't give me another encryption system to manage" - they share with us that they want to maximize their existing IT investments and deploy the encryption modules they have vetted and trust from their preferred vendors within our Cloud Data Control Gateway solution.

When Cloud applications were used experimentally or with low value corporate information, having weaker solutions acting as the security umbrella was perhaps not as important. However, as these applications scale to meet enterprise needs and the cloud is forced to handle increasingly important (and sensitive) information, they need to fit with the trusted security approaches already deployed within the enterprise's ecosystem.

As the enterprise Cloud Security Broker space has evolved and organizations began defining reference architectures, cloud computing and interoperability standards, this has made it financially and operationally viable for an enterprise to choose the world's best product/service for each of their critical needs - for every user and for every use case. Organizations no longer had to sacrifice functionality and inferior products for the sake of integration.

When we researched this and considered the data, "Best-of-Breed" become the obvious answer to PerspecSys, which provides an open framework to our ApprotexTM Cloud Data Control Gateway platform to plug in third-party enterprise components. And here's why:

  • Leverage existing IT investments: Lower cost, proven performance, well vetted within the organization and the industry. This leads to operational efficiencies and expanded field of use, as enterprises reduce/optimize the number of systems that do the same thing.
  • Feature rich: The best-of-breed components from specialized vendors deliver deep capabilities that lead to increased productivity and efficiency.
  • Ease of implementation: IT products are likely already deployed and in use from specialty vendors who, through focus, are more agile. With Best-of-Breed there is no need to deploy the same technologies as those already deployed (and trained on) within IT.
  • Future proof: Minimize functional gaps in the future as each specialized vendor continues to innovate and add rich capabilities.
  • Improved interoperability: Best-of-Breed "independence" requires flexibility to integrate into other systems. The cloud, with its open, flexible SOA-based (service-oriented architecture) application means that integration is far easier and less expensive to manage. Cloud software is built to integrate, interoperate and exchange information.
  • Better support: Each vendor brings deep expertise in their chosen area, giving the enterprise options in how to maximize their capabilities as a consequence. The Best-of-Breed approach is significantly more flexible and changeable over time. You can upgrade individual components without impacting other functions. Plus, as new technologies emerge they can be integrated into the overall solution.
  • No vendor lock-in: You can choose to replace a module if it becomes too expensive, obsolete, or integrity is compromised. In the end, the enterprise is not forced to accept inferior solutions.

As enterprises make their Cloud Data Control Gateway decisions, will they be choosing based on a "sharp focus on a core competency" or will it be based on a "boiling the ocean" approach? A solution that "concentrates on robust functionality" in a critical new area or an offering that's a "mile wide & inch deep"? A package that "plays nice" with the enterprise security ecosystem or one that tries to replicate existing specialized security products and creates friction? Organizations that yearn for freedom of choice and the flexibility to create their own suite of "Best-of-Breed" products from any number of vendors, their time is here.

Read the original blog entry...

More Stories By David Canellos

David Canellos is a security veteran who is now President and CEO of PerspecSys. An entrepreneur specializing in bringing innovative security and privacy solutions to market, he has been instrumental in establishing PerspecSys as the leader in the Cloud data Protection Gateway market.

Before joining PerspecSys, David held executive positions at Irdeto Worldwide, which acquired the company he led, Cloakware, which was a pioneer in encryption and digital rights management. Before joining Cloakware, he was the General Manager and Vice President of Sales for Cramer Systems (now Amdocs), a UK-based company, where he was responsible for the company’s revenue and operations in the Americas. Prior to his work with Cramer, David held a variety of executive, sales management and business development positions with the Oracle Corporation, Versatility and SAIC.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
All in Mobile is a mobile app agency that helps enterprise companies and next generation startups build the future of digital. We offer mobile development and design for smartphones, tablets and wearables. Our projects cover the latest and most innovative technologies - voice assistants, AI, AR/VR and more. We excel at solutions for sports, fintech and retail industries.
NanoVMs is the only production ready unikernel infrastructure solution on the market today. Unikernels prevent server intrusions by isolating applications to one virtual machine with no users, no shells and no way to run other programs on them. Unikernels run faster and are lighter than even docker containers.
The dream is universal: heuristic driven, global business operations without interruption so that nobody has to wake up at 4am to solve a problem. Building upon Nutanix Acropolis software defined storage, virtualization, and networking platform, Mark will demonstrate business lifecycle automation with freedom of choice and consumption models. Hybrid cloud applications and operations are controllable by the Nutanix Prism control plane with Calm automation, which can weave together the following: database as a service with Era, micro segmentation with Flow, event driven lifecycle operations with Epoch monitoring, and both financial and cloud governance with Beam. Combined together, the Nutanix Enterprise Cloud OS democratizes and accelerates every aspect of your business with simplicity, security, and scalability.
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the most comprehensive program and with 222 rockstar speakers throughout our industry presenting 22 Keynotes and General Sessions, 250 Breakout Sessions along 10 Tracks, as well as our signature Power Panels. Our Expo Floor will bring together the leading global 200 companies throughout the world of Cloud Computing, DevOps, IoT, Smart Cities, FinTech, Digital Transformation, and all they entail. As your enterprise creates a vision and strategy that enables you to create your own unique, long-term success, learning about all the technologies involved is essential. Companies today not only form multi-cloud and hybrid cloud architectures, but create them with built-in cognitive capabilities.
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understanding as the environment changes.