Searching for the 'anti-virus' of the Cloud Age

CRYPTOCard CEO Neil Hollister looks at the prospects for remote access technology in the cloud-based future. It was German astrophysicist Bernd Fix who developed the first anti-virus software in the late 1980s, scanning for infections passed on by floppy disks.

Neil Hollister_CRYPTOCARD.jpgCRYPTOCard CEO Neil Hollister looks at the prospects for remote access technology in the cloud-based future.

It was German astrophysicist Bernd Fix who developed the first anti-virus software in the late 1980s, scanning for infections passed on by floppy disks.

Then in the 90s the rapid adoption of the Internet changed the game and viruses were soon being spread via emails on a previously unimagined scale.

Seeing how the security risks were evolving, MessageLabs realised that scanning emails for viruses neutralised most of the major threats and so developed a mass-market email scanning solution which could be sold through the channel as a commodity.

Well, things have moved ahead light years since and now the channel is searching for the anti-virus for the Cloud Age.

With the associated cost benefits and business agility opportunities it presents for remote working, Gartner projects that cloud adoption among businesses will increase from three to 43 per cent over the next four years.

As organisations move their sensitive information and applications to the cloud, they seek reassurance that security measures put in place to protect the cloud stay in step with the technology by addressing inherent vulnerabilities of remote access.

Naturally, this represents a big opportunity for the channel.

It is clear that universal cloud adoption cannot occur until a highly effective, user-friendly authentication solution can be implemented on a wide scale.

After all, the increasing number of security breaches show that it is becoming easier than ever to compromise someone's online identity

Indeed, if the cloud is to become the modus operandi of businesses, cloud authentication needs to follow the trajectory of anti-virus software and become sufficiently affordable, flexible and scalable to be thought of as a commodity purchase.

The big question for the channel is: how feasible is this?

Given the confluence of the steady adoption of the cloud as a business platform, and the increasingly sophisticated security threats coming from hackers of all stripes, the demand for a robust and workable authentication solution continues to grow, too.

In fact, Forrester Research estimates that market for identity and access management will grow to more than $12.3 billion by 2014 - up from a comparatively meagre $2.6 billion in 2006.

Previously, companies working within the channel have struggled to make strong authentication a viable solution for businesses, facing several challenges. The first is scalability - a solution must be scalable to meet real-time demand of businesses of all sizes.

The second is usability - a solution must be easy to use seamlessly to ensure user adoption and ongoing compliance.

Lastly - and critically - a solution has to be financially viable. Building and managing servers requires significant up-front and continuing investment and expertise, while ongoing user provisioning and the deployment of hard tokens has proved too costly for businesses and channels to commit to on a large scale.

Over the past couple of years though, technological developments have seen the ground shift radically on all three of these fronts.

For a long time, two-factor authentication (2FA) has been the most effective way to ascertain digital identities of authorised users. Passwords have been the weak link in the security chain since the internet's inception and their fallibility has been repeatedly exposed by the advent of cloud services for both business and personal use.

However, 2FA's traditional reliance on hardware tokens has previously made it too unwieldy to be implemented on the kind of scale required for cloud computing.

The times have changed, though. 2FA has now embraced one of the cloud's inherent qualities - its hardware-free virtuality - to offer an instantaneous tokenless authentication solution that can be implemented as required on any scale at any given time.

This means authentication details can now be delivered to smartphones and other mobile devices, and users can be added in a matter of seconds.

Distributing 2FA through the authentication-as a service (AaaS) model also makes it scalable as it can be deployed to an entire corporate directory with a few clicks of a mouse.

Such straight-forward and rapid deployment makes it cost-effective, and it is this marriage of price and ease-of-use that makes tokenless 2FA a genuine candidate to become the anti-virus of the cloud age.

With the historic barriers to affordable, large-scale cloud security being removed, organisations will look to the channel to provide them with a workable solution to an ever-growing problem: authenticating access to data in the cloud.

If they cannot meet this demand, basic economics dictate that they will lose business to rivals who can.

Read more on Data Protection Services