As more and more businesses make the change from on-site IT management to a managed services model, the scalability and cost-effectiveness of cloud-based security services is becoming increasingly apparent. According to the non-profit organization Cloud Security Alliance, there are at least ten types of security that can be implemented through a remote strategy that makes heavy use of resources stored in the cloud. All of these comprise SaaS, more commonly known as Software as a Service.
Management of access and identity across a network can be accomplished remotely. This involves verifying user authentications to be sure that access is granted only where appropriate. A comprehensive solution in this domain includes the generation of logs that can be audited to detect access attempts that were denied.
The prevention of data loss is another SaaS available through the cloud, as are a variety of security measures including web traffic security implemented through a proxy server and email security to weed out phishing attempts, virus-laden attachments, and general spam. Email security also includes allowing for additional encryption and the recognition and use of digital signatures.
Security assessments can also be conducted, using the cloud to evaluate the level of security offered by an enterprise's existing IT services. Based on such assessments, an enterprise may need to make more use of additional cloud-based security services such as intrusion management to keep outside elements from gaining access to the network and event management, which provides reporting on the kinds of IT incidents that may warrant investigation or intervention.