skip to Main Content

Cloud security

Last Updated:
Analyst Coverage:

Cloud security refers to two things: the security of the cloud and the provision of security services via the cloud, often referred to as security as a service. 

In terms of the security of the cloud, considerations include the policies, technologies and controls that organisations must deploy to protect the infrastructure of the cloud and the associated data and applications. Whilst many have seen security to be an inhibitor to cloud adoption, its use can actually provide higher levels of security than in-house implementations. To ensure that this remains so, however, we need to do more to improve the security of the cloud and of the internet as a whole; see here.

To ensure that services based in the cloud are secure, there are a number of things that organisations need to consider; see Best Practice here.

In terms of security as a service, many organisations are finding many advantages in subscribing to security services based in the cloud (see here). Examples of services that can be provided include authentication, anti-malware, application security, and web and messaging security services.  

Cloud-based services can provide advantages for a wide variety of organisations, from small organisations that lack the resources to manage security or applications themselves to large, distributed multinational and public sector organisations; see “Considerations when choosing a SaaS or cloud provider” here

Many of the most promising security applications for cloud-based delivery are those that reduce the threats that organisations face when using the internet and messaging systems see here and here.

Many of the largest security vendors have developed capabilities in cloud security, many through acquisition, including McAfee, Symantec, Cisco and IBM. There are also a number of vendors from the network management space that have entered the market for boosting the security of cloud-based services, such as Barracuda Networks and F5 Networks. However, there are also a wide range of innovative, specialised cloud security services vendors, some of which have achieved significant funding recently. Some of these remain attractive acquisition targets; see here.


    These organisations are also known to offer solutions:

    • AppRiver
    • Axway
    • Barracuda Networks
    • Blue Coat Systems
    • Cisco Systems
    • CloudPassage
    • F5 Networks
    • McAfee
    • Panda Security
    • Ping Identity
    • Porticor
    • Qualys
    • SafeNet
    • StillSecure
    • Symplified
    • Total Defense
    • TrendMicro
    • Trustwave
    • Veracode
    • Verisign
    • WatchGuard
    • Webroot
    • Websense
    • Zscaler
    post (Icon)

    Trust as the foundation of security

    Trust is essential for building a sustainable business. Security is essential for building trust. To build trust in electronic networks, security...
    Cover for Security based on trust not fear

    Security based on trust not fear - ...the importance of a trusted cloud and Internet ecosystem

    To build trust in electronic networks, security needs to be built into a suitable framework, rather than being bolted on.
    Cover for Cloud-delivered endpoint security

    Cloud-delivered endpoint security - better protection is delivered via the cloud

    Cloud-based endpoint security services are suited for use by any organisation that allows its users to interact and communicate using internet channels.
    Cover for Best practices for cloud security

    Best practices for cloud security - how security in the cloud can be a better bet than doing it yourself

    Although due diligence is required in the selection of such services, organisations should no longer consider security to be an inhibitor
    Cover for Why web security is best served in the cloud

    Why web security is best served in the cloud - Move protection to where the threats are

    With the web becoming the prime method of attack as other vectors are closed through security solutions, organisations are increasingly looking to beef up their security controls for web threats. But for many resource-strapped organisations looking to do more with…
    Back To Top