| | October 20188CIOReviewIN MYPINIONAs a former CIO, I have implemented and seen the significant benefits of cloud computing, both the leverage of compute on demand via infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) delivery models and the use of software-as-a-service (SaaS) applications. In particular, SaaS-based applications are becoming increasingly the way organizations can quickly and easily leverage new applications. This is driving tremendous growth and innovation--Angel List has more than 11,000 SaaS start-ups listed in the U.S. and IDC predicts the SaaS-based market to surpass $112 billion by 2019.While cloud computing and SaaS business models can enable IT organizations to lower infrastructure costs and enable more agility to support customers, it also increases the complexity in dealing with IT security. Not only is the IT organization giving up control (and visibility) into some of its IT infrastructure, to the degree it is leveraging SaaS-based applications, it is also having third-parties store and control sensitive data. Not so long ago, IT security staff would work to protect the organization's IT perimeter; with today's new computing and service models, one has to admit that a traditional perimeter no longer exists, or if a perimeter does exist, it might include protecting a number (perhaps up to dozens?) of third-party cloud service and SaaS- application providers.By Richard A. Spires, CEO, Learning Tree International, Former CIO of US Department of Homeland Security and the IRSCLOUD AND SAAS SECURITY - THE NEED FOR A COMPREHENSIVE APPROACHRichard A. Spires
< Page 7 | Page 9 >