As a Large Enterprise, Should You Trust Cloud Security Providers?

April 4, 2013 Engin Akyol

Here at Distil Networks, we do four things exceedingly well: coding, designing, arguing, and boozing.  Back before insanity struck us and we founded our company, we used to engage in two of these four activities on a pretty regular basis.  In between vodka tonics and under the tyranny of blasting glow stick (unce unce unce) music at a generic San Francisco lounge, our CEO Rami Essaid and I entered into a contest of opinions escalating to near gladiatorial proportions of hand-waving and hyperbole trying to figure out if big companies would feel comfortable moving their traffic through a third party security service.

Our core premise was simple: Would large enterprises ever trust their data to cloud security providers?  I don’t remember who won the argument (or anything else from that night, actually) but that hesitation of large enterprises committing to cloud infrastructure built and maintained by another company is a fact of life we deal with daily at Distil Networks.  We have a product that they want, but should they trust us with their data?  We say “absolutely!”  They say “weeellllll…”

Over the past year and a half we’ve seen some very high profile distributed cloud failures that have led to extended down times for customers and embarrassing headlines for companies.  Our team, as well, has had issues in the past that have either taken out our internal tools or caused our customers discomfort.  Maybe even severe discomfort.  At the scale that most cloud companies operate, when things go bad they tend to go spectacularly bad.

Despite these risks, I can’t help but believe that we’re on the fast track to a future where hardware will just be generic interconnected parts serving as hosts to diversify shared platforms (and judging by some predictions, I may be on the path to being prophetic).  Virtual servers, routers, and load balancers that can be brought online instantly and purely on-demand allow businesses to focus on their core products and grow naturally without being hampered by technological logistics.  Why then, spend hours configuring firewalls and caching layers when someone else has done that work for you?

The last question in particular applies to major enterprises now more than ever.  Unless your company provides hosting, networking or network security services, you really don’t need to invest vast resources into maintaining all these systems in-house.  Network security, for one, is an important aspect of modern businesses that is no longer the core product of nearly all of the companies that  need it the most.  This leads to damaging situations involving unauthorized access, and direct damage to your brand (and of course, even more bad headlines).

One immediate benefit that all of our customers see when they switch to Distil’s bot blocking network is actual insight into exactly how many bots are scraping them on a frighteningly regular basis — insight that’s usually followed up with a bit of shock and a lot of anger.  While we’re exceedingly good at detecting and blocking bots, the surprise customers have is rooted more from the fact that they didn’t know this was occurring in the first place. Since they weren’t aware it was a problem, they never paid close attention to their server logs or ran asynchronous analytics on connection behavior.  Not being aware of a security gap is almost always the reason those gaps are eventually exploited.

Because cloud security companies like Distil Networks have a razor focus on specific areas, we are aware of those gaps. While an hour outage can be extremely costly and embarrassing, a website that gets compromised by a bot attack can lead to private data theft, phishing attacks on your visitors, and malicious code running in your customer’s browser. The protection cloud security providers like Distil offer often saves a greater order of magnitude on the potential damages prevented than the worst previously linked cloud outages could have cost.  This makes cloud security a decided no brainer. 

About the Author

Engin Akyol

Engin Akyol, our Co-Founder and CTO, came to Distil Networks from Cisco systems where he had five years of experience providing networking and network testing consulting for core enterprise customers as part of Cisco’s ECATS group. Engin’s responsibilities included creating and executing test plan’s based on customers’ requirements, interacting with developers to provide quick resolution to issues, and providing recommendations for deploying new networking equipment and software.

More Content by Engin Akyol
Previous Article
Trap Analysis 101
Trap Analysis 101

Distil Networks released a new report, Trap Analysis and Statistics, in the Distil Admin Portal, which give...

Next Article
Scraping Just Got a Lot More Dangerous
Scraping Just Got a Lot More Dangerous

A Federal Court restricted fair use by upholding the NY Times and The AP’s claim to copyright against Meltw...