Apps accelerators tackle security

Companies that specialize in helping businesses speed delivery of their applications and Web content are increasingly involving themselves in IT security as the continued proliferation of systems-defense technologies has become a potential roadblock to the performance and quality of the services they already provide.

Business leaders at applications acceleration providers like Akamai Technologies and Symphoniq contend that as their customers continue to layer additional security devices and programs into their IT infrastructures, they are creating new obstacles to maintaining swift delivery of everything from customer-facing e-commerce systems to supply chain networks shared among partners.

As a result, the technology and service providers are moving to help growing numbers of their customers find the most effective manner to tailor their security systems in a way that reduces the strain on their applications while maximizing protection.

Security has always been a major consideration in the applications delivery world, but the continued explosion of new technologies that customers want to utilize to prevent attackers from compromising their systems has forced companies like Akamai -- which claims to handle performance and availability issues for 300 of the top 500 e-commerce sites in the world -- to up the ante in recent years, executives said.

"As an overlay on the network, we're an overlay for users both good and bad who want to access to these applications," said Keiran Taylor, senior director of product marketing at Akamai. "Whether you're talking about denial-of-service threats or other types of attacks carried out against these systems, in many cases we're actually the first line of defense that can thwart something before it harms an enterprise customer."

In addition to a number of homegrown technologies that the company already uses to ensure that its customers' applications and sites are running at full speed, many of which are delivered as an element of its core services -- such as tools that monitor for activity that might indicate emerging DoS attacks -- Akamai also sees new business opportunities helping companies deal with other security-related headaches.

Earlier this month, the company launched its first service aimed at aiding customers who process credit and debit cards maintain compliance with the Payment Card Industry (PCI) Security Standards Council's DSS (Data Security Standard).

Backed by the world's largest credit card providers, the PCI DSS mandate requires businesses to bolster their security systems to protect cardholders' sensitive personal data.

Akamai's service includes additional "assurance" for securing card data involved in online transactions as well as its new Dynamic Site Accelerator PCI service, which includes an audit management portal, systems configuration validation tools, infrastructure scanning reports, service integration guidelines, and an SSL network tailored to meet the regulation's specific terms.

Thus far, the PCI service is only available as a beta, but Akamai is planning to make it a commercial offering in 2008.