In January I addressed the portfolio of security requirements for the SaaS environment. This post focuses exclusively on perimeter security.
Perimeter security is a firm's first line of defense against intrusion, malicious activities, malware and spam. Firms considering leveraging SaaS need to be sure the SaaS provider has the tools in place to support the level of security required. The defense needs to be strong enough to thwart the blackhats, but porous enough for users to be able to accomplish their day-to-day activities.
Before we get into the details of what to look and ask for in perimeter security, here are a few facts specific to email and spam: In August 2008, Yale University received 123 million emails, of which 94.54 percent were spam. SpamLaws.com quotes a study by the Radicati Research Group Inc., a research firm based in Palo Alto, California, stating that spam costs businesses $20.5 billion annually in decreased productivity as well as in technical expenses. In the same article, SpamLaws also quotes Nucleus Research as estimating that the average loss per employee annually because of spam is approximately $1934. These facts are only for email. There are substantial business impacts related to identity management, access management, DNS protection, Web access management, and industry compliance. The negative business impact related just to email issues is huge. Imagine the scale of the total impact when all of the perimeter security components are aggregated.
Perimeter security is comprised of a collection of management tools, each one providing specific protection. The collection of tools include:
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
