Latest news
Misha Govshteyn is the CTO and responsible for security strategy, security research and operations at Alert Logic. In this interview he discusses Software-as-a-Service (SaaS), log management, compliance, threat management and more.Why is the Software-as-a-Service (SaaS) model a good fit for log management?
Software-as-a-Service is a perfect model for non-business critical problems that are too messy to be solved on premise. People don’t realize this, but the biggest SaaS company today is Google. No one wants to store terabytes of search data just to find a web site for a car wash. Same goes for log management. No one is going to make more money because they retain a complete archive of logs for the last 12 months or 7 years. But it still has to be done. Compliance requires it and it’s hugely important for forensics. And while it may not contribute to earnings, it has real potential to prevent losses. How different would ChoicePoint investigation have been if they had retailed their full audit trail? Would the breach have been detected faster? The answer is, yes. Absolutely.
Log Management requires storage, databases and computing capacity that most companies are not prepared to deal with. The cost of buying storage is dwarfed by the amount of money and effort required to manage that storage and the amount of data increases every day as people collect more logs. Suddenly they have a lot more storage they need to manage and backup than they expected originally. Products they bought just a year ago begin to look inadequate. SaaS takes that entire problem offsite. Why bother thinking about how to manage all that complexity when you can just subscribe to software that has storage built into it?
Another interesting point is stranded capacity. There is a log management company out there that sells you 5-6 servers that run as a grid attached to a SAN. Their product is very fast, but most of the time those appliances sit idle and burn power. Truth is that most of the time you will not be searching through a huge archive of logs, so the computing capacity and power is essentially wasted until you actually need it. When you buy traditional software you are, in fact, contributing to global warming. With SaaS, you’re saving the world. Log Management under the SaaS model allows you to change the economics in a very powerful way. Customers are starting to figure that out and as soon as word gets out old school software will never seem quite the same.
Spotlight
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
