IT Adviser - September 2009 digital edition

cloud computing
The software industry is entering
another age of astonishing innovation.
It's a time when not only is software
advancing at an astounding rate, but so
are hardware devices � where power is
increasing as quickly as size is decreasing,
and software and computing power is
becoming near ubiquitous.
Consider this: a handful of years ago,
few would have believed that customer
relationship management software would
have moved almost completely to the cloud.
Or that Lotus Notes, that grey old lady of
IT, would have made the jump as well.
Even among the proponents of Cloud
Computing, few believed corporate
software and data wanted to be liberated so
quickly � and make itself readily available
anywhere, anytime, on any device, and
from within any Web browser.
No doubt, along with all of the benefits
of SaaS will come new risks and
challenges. This is especially true as even
more mobile devices access critical
corporate data. Consider the fact that one
out of ten laptops in use today will be lost
or stolen, and you know most will not be
encrypted. Then, there's the challenge
associated with securing new Cloud
Computing architectures, and all of their
various shapes and sizes. I'm sure that in
the years ahead, there will be a number of
negative stories surrounding Cloud
Computing. Providers will go out of
business. There will be a number of
system outages that affect large
numbers of customers.
And there will be
a number of data breaches.
The IT Challenges facing
organisations
Yet, I believe that the SaaS and Cloud
Computing revolution holds the potential
to benefit everyone in the software
industry, and all who rely on it for their
business. For instance, we in the industry
are well aware that software is evolving too
quickly to keep up. It's a never ending
process of software enhancements,
upgrades, security fixes, and new
installations. And, few would disagree that
there are too many vulnerabilities affecting
too many applications. In this disorder,
most of the burden has fallen on the
shoulders of organisations that have had to
dedicate extraordinary resources to patch
and mitigate the security holes.
Here is an interesting statistic that
reveals the magnitude of the challenge.
According to Qualys' The Laws of
Vulnerabilities 2.0 research, companies
take an average of 59 days to patch their
vulnerabilities. Five years ago, that
number was 60 days. That's a reduction of
one day in the past five years. When one
considers all the effort and automation that
has gone into patch management in the
past five years, that's not much in the way
of improvement. And this shows not just
how steep the challenge is, but just how
broken the current ecosystem of traditional
software is.
The SaaS approach
Fortunately, the SaaS and Cloud
Computing models are positive disruptions
on the infrastructure of both private
networks and the Internet. Unlike when
individual organisations patch (work that
must be duplicated for every installation),
when SaaS vendors update their software
applications, all of their customers are
patched instantaneously as well. Because
of this simple fact, many of the security
problems that plague today's business-
technology systems � such as patches and
software misconfiguration issues � are
solved. Thus, in this, and many other
ways, the burden of maintaining a secure
application largely is transferred from the
software user to the provider. The effect of
proper patching is amplified throughout
all the IT systems the SaaS and cloud
providers touch.
For many years it was thought that SaaS
would be destined just for SMEs, but today
we know that this isn't so; the advantages
of cost reductions in staff and
It's time to embrace
(and prepare for) the
shift to the Cloud
The author
Philippe
Courtot, CEO of
Qualys
38 ITadviser Autumn 2009

Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 13 Page 14 Page 15 Page 16 Page 17 Page 18 Page 19 Page 20 Page 21 Page 22 Page 23 Page 24 Page 25 Page 26 Page 27 Page 28 Page 29 Page 30 Page 31 Page 32 Page 33 Page 34 Page 35 Page 36 Page 37 Page 38 Page 39 Page 40 Page 41 Page 42 Page 43 Page 44 Page 45 Page 46 Page 47 Page 48 Page 49 Page 50 Produced by PageSuite