SECaaS (Security as a Service)
Security-as-a-Service (SECaaS) is a cloud-based method of outsourcing your cybersecurity. Outsourced security can cover data protection, VoIP security, database security, and general network security. All of these can help an organization combat SECaaS threats, such as malware and botnets.
SECaaS is an increasingly popular data security solution for corporations because it is easier to scale as the business grows. It also makes it possible to circumvent the expense of establishing an elaborate on-premises security architecture.
Categories of SECaaS
The Cloud Security Alliance (CSA) is an organization that is dedicated to defining and raising awareness of secure cloud computing. In doing so, the CSA has defined the following categories of SECaaS tools and created a series of technical and implementation guidance documents to help businesses implement and understand SECaaS. These categories include:
- Business continuity and disaster recovery (BCDR or BC/DR)
- Continuous monitoring
- Data loss prevention (DLP)
- Email security
- Encryption
- Identity and access management (IAM)
- Intrusion management
- Network security
- Security assessment
- Penetration testing
- Security information and event management (SIEM)
- Vulnerability scanning
- Web security
| Network Security | Network Security consists of security services that allocate network access, distribute, monitor, and protect network services |
| Vulnerability Scanning | Vulnerability Scanning scans the target infrastructure or systems for security vulnerabilities via a public network. |
| Web Security | Web Security offers real-time protection of public facing application services generally offered by proxying web traffic through the cloud service provider. |
| Email Security | Email Security provides control over inbound and outbound email, protecting the organization from phishing, malicious attachments, and spam, and providing business continuity options. |
| Identity and Access Management (IAM) | Identity and Access Management (IAM) provides identity administration, governance and access controls. This includes authentication, identity assurance, access intelligence, and privileged user management. |
| Encryption | Encryption is the process of obfuscating data using cryptographic and numerical ciphers. Transforming clear-text into cipher-text to make it unreadable |
| Intrusion Management | Intrusion Management is the process of using pattern recognition to detect statistically unusual events, prevent or detect intrusion attempts, and manage the incidents. |
| Data Loss Prevention (DLP) | Data Loss Prevention is the monitoring, protecting, and verifying the security of data at rest, in motion, and in use. |
| Security Information and Event Management (SIEM) | Security Incident and Event Management (SIEM) systems accept log and event information, correlation and incident data and provide real time analysis and correlation. |
| Business Continuity and Disaster Recovery (BCDR) | Business Continuity and Disaster Recovery is the implementation of measures designed to ensure operational resiliency in the event of any service interruptions. |
| Continuous Monitoring | Continuous Monitoring performs the function of continuous risk management presenting the current security posture of the organization. |
| Security Assessments | Security Assessments are third party audits of cloud services based on industry standards. |