13 Mar 2015

There’s more talk than ever in the security industry about cloud-based systems – where they are, where they’re going, the risks, the rewards. New opportunities for integrator companies, especially related to recurring monthly revenue (RMR), are among the benefits of new cloud-based systems. For insights into those opportunities, we spoke with Robert Hile, currently director of strategic accounts for SureView Systems and a strong proponent of cloud-based systems, whose background includes experience as an integrator as well as a manufacturer. He currently focuses on enterprise-class market opportunities for SureView systems, and on building relationships with key integration firms, consultants and A&E firms.

SourceSecurity.com: What are some of the challenges that early adopters of cloud-based systems had to overcome to be successful today?

Many cloud-based manufacturers are taking proactive measures to ensure that their remote log-in and data protection policies are up-to-date and offer assurances that a customer’s private data is safe and secure

Rob Hile: By far, the biggest challenge for early adopters of cloud-based systems has been finding manufacturers who are truly dedicated to the cloud, not just standard technology that can be accessed via the Internet. The true power of cloud-based technologies for the end user is the transition away from old server/client architecture and the licensing structure that has gone along with it. Another secondary challenge was scalability — users need to have the option to start small and scale out as needs change; that is, the ability to add to the number of devices and locations by increasing computing power in a virtual environment. This approach aligns with many enterprise customer’s long-range strategic business plans and migration strategies.

SourceSecurity.com: What objections have you heard from dealers/integrators/end users in relation to cloud-based systems? How are these being addressed?

Hile: Security data concerns are the biggest objection to cloud-based systems today. With the recent increase in data theft, many end users that were leaning toward cloud-based systems are taking a harder look at data protection and remote log-in procedures to minimise the loss of private company data and personal information. The good news is that many cloud-based manufacturers are taking proactive measures to ensure that their remote log-in and data protection policies are up-to-date and offer assurances that a customer’s private data is safe and secure. Additionally, many of the top cloud-based manufacturers have gone the extra mile and now offer cyber liability insurance, providing their customers with an extra layer of protection.      

SourceSecurity.com: What are some of the advantages for integrators/RMR?

Hile: The biggest advantage for dealers and systems integrators that embrace cloud-based systems is the value-added services that often go hand-in-hand with these platforms. Software and technology tune-ups are standard practice for most cloud-based systems and security patches need to be kept current to ensure system integrity. Some of the more creative providers offer ongoing system audits of the IT and usage policies that govern access to these cloud-based systems, proactively looking for potential weaknesses that could be exploited in the event of a cyber-attack.   

SourceSecurity.com: How are the issues of privacy and critical data protection in the cloud addressed in today’s security marketplace?

As data security and the IT policies that govern the use of cloud-based solutions gets stronger and more robust, more customers will seek pure cloud-based applications

Hile: The general opinion in regards to cloud-based systems today is that the critical data associated with these systems is only as secure as the customer’s network and the IT policies that govern the access to those systems. In my opinion, it's a mistake for manufacturers who currently have or are planning to develop cloud-based offerings to leave the job of securing this private and confidential data solely in the hands of the end user. By working together with the customer to map out new IT policies and procedures that support cloud-based solutions, you can isolate critical data away from the user interface and securely position this data, often referred to as the data tier, well behind the customer’s demilitarised zone (DMZ). This approach offers maximum protection from attacks that come directly from the cloud-based application being used.  

SourceSecurity.com: What can we expect the future of these cloud-based systems to look? Where will the technology go in the future?

Hile: End users want lower costs and lower risk when moving to cloud-based systems, not higher costs and higher risk. As data security and the IT policies that govern the use of cloud-based solutions gets stronger and more robust, more customers will seek pure cloud-based applications that will, in turn, drive the market to move quickly from "hybrid" solutions overall to internal hosted virtual machine (VM) applications or pure cloud-based software as a service (SaaS) solutions. As this shift takes place, the pricing for these applications will move from the traditional capital allocation model to operational RMR or subscription models. I don’t expect the overall performance and features of security systems to change drastically but I do expect major changes in architecture design, deployment options and how customers pay for these solutions.