If you think on-premise Data Loss Prevention solutions such as ours still have a few more years to go before our customers start seeking for cloud alternatives, think again.
MS O365, Google-Apps/Mail as well as other cloud solutions are already transforming the way IT deliver services to their final users. In February of 2014, Microsoft reported that over the course of one year more than 15% of its Exchange installed base had moved to Office 365, which represented a shift of around 40 million business mailboxes (*).
Also, Gartner predicts that by 2018, cloud systems will achieve a total market penetration of 60% (**).
This rapid move to cloud-based solutions makes sense. These hosted offerings provide users with new flexibility and more efficient ways to collaborate, and they offer businesses and IT departments significant cost savings and lower administrative overhead compared to traditional on-premise applications.
But exactly how much protection do these next-generation cloud email solutions provide? Microsoft, Google, and other cloud vendors are keen to point out that their cloud email offerings include free anti-malware and DLP.
But how complete and effective are these built-in capabilities?
Data loss through email is a serious issue and we need to proactively enforce security and compliance policies and protect employees when they share sensitive information and attachments over email.
We know that the more complex the network, the more complex the DLP deployment will be - and DLP can be pricey if we do it well.
Here's my point: We should prioritize the idea of offering CA Data Protection solution as a service.
Data Loss Prevention offered on/from the cloud is not a new challenge.
A dozen of vendors already offer cloud-based DLP with different types of licensing and features: Symantec, GTB, Netskope, Skyhigh, CipherCloud, Elastica, Proofpoint, just to mention a few.
For sure things like leveraging the reach of Cloud Security Alliance (CSA) and pursuing a SalesForce ISV partnership to further improve our capabilities are a must but, first, we need to have our solution properly adapted in a solid Cloud/SaaS platform.
Make no mistake, if we don't do it now, our solution won't last long and we won't be able to defend our installed base.
It's feasible but there's a long path cover and little time to do it.
So, if you agree that our solution should have a cloud offering, help me with your vote and let's help our Product Management make a case for it.
Thanks in advance. Best,
(*) Bott, Ed. Office 365: After One Year, How’s Microsoft Doing? ZDNet. Feb. 21, 2014 (http://www.zdnet.com/article/office-365-after-one-year-hows-microsoft-doing/)
(**) New Developments in the Cloud Office System Market. Gartner. 2013 (https://www.gartner.com/doc/2492216/new-developments-cloud-office-market)
Leo Garcia, CISSP-ISSAP, CRISC, ITIL
CA Services | Security & Compliance | Data Protection & Privacy
+1 214 548 9021
“The way you do anything is the way you do everything”