We all know the Internet is not secure, yet more companies are turning to the cloud for business solutions. With that in mind, I spoke with Philippe Courtot, CEO of Qualys, a security provider that offers a unique hybrid of the cloud model.
QualysGuard is a suite of services that scan your network for vulnerabilities, ensuring that all devices are in compliance with company security policy, as well as external regulations.
The service is used by 200 of the Forbes Global 2000, Courtot tells me.
The cloud's silver lining: Tethered security
What is unique is the delivery model, which begins as SaaS in the cloud, though not of the free-floating kind, you might say. It is tethered to an appliance that Qualys puts behind your firewall. Once connected, Qualys manages the device, which in turn manages numerous aspects of the security of your network. One of the company's largest customers -- Courtot wouldn't say who -- has more than 223 managed security appliances worldwide.
[ For more on cloud computing's impact on IT, see "The dangers of cloud computing," "Cloud options for IT that IT will love," and "Nick Carr: The many ways cloud computing will disrupt IT." ]
The hardened appliances sit behind the firewall with all data encrypted and almost no way to actually access the box. There is a small keypad that will allow a security manager to put in originating IPs and credentials; otherwise, the box is closed.
It's a nice compromise. As Courtot points out, businesses in aggregate shell out about $84 billion to manage 400 million Exchange clients, while with Google Mail, there is no infrastructure. In theory, those Exchange servers behind your firewall are more secure than Google Mail, which just sits out there, untethered, in the cloud.
Qualys hybrid model means the user has no infrastructure to speak of, yet gets the behind-the-firewall security many companies demand.
Currently Qualys remotely manages about 7,000 appliances worldwide.
Where an appliance makes sense
You might think of the setup like iTunes and iPod. If you want to listen to iTunes, you need a device: the iPod. Here, if you want to have your data checked, the appliance is the device, but it's on your site.
I think the hybrid idea has legs. As Courtot says, whenever you have to gather and probe data, the idea of an appliance makes sense.
The health-care industry seems a logical fit, and when I asked Courtot, he said, yes, Qualys is working with Kaiser on just such a solution.