top of page

Cloud Security

Scroll Down

Overview

Data is aptly referred to as the 'new oil' as it not only provides historical information but through predictive analytics can also provide vital information on future trends. Hence, data acquisition, storage and utilization is the cornerstone of every organization.  It is therefore important that due care is taken to maintain the integrity of data and ensure that is it protected from malicious attacks and misuse. With the growth of data-intensive applications, there is a greater need for data storage and processing resources. Companies are moving from the Private Cloud to Public cloud environments, or require 'Cloud Bursting' from private to public as and when required. 

 

Global Perspective

Based on Gartner research, the global demand for Cloud Security is estimated at around $8.9 billion by 2020. A significant portion of this demand will be in IAM (Identity Access Management) and IDaaS (Identity-as-a-Service) with an estimated market of $3.4 billion. Secure Web Gateway and Secure Email Gateway will account for $970 million and $873 million accordingly. 

 

Security Partner

With a strong emphasis on a consultative approach, Simage sees itself as a reliable partner to companies in the scoping and provisioning of cloud security services. Our focus is not only on IAM and IDaaS, but together with our partners also on securing data in transit and protection of Virtual Machine instances in the Cloud. 

IAM and IDaaS

Security of the service and good user experience are key for companies to growth their business and acquire new customers. At the same time these companies have to ensure that their reputation is not affected by unauthorized access and identity theft. From the users' perspective it is always a hassle to manage multiple user profiles and passwords to access different applications. 

 

Keeping these challenges in view, Simage offers a comprehensive solution for Identity Access Management that makes it possible for companies to make sure that there is no unauthorized access to their services and also convenient for their customer and employees to access the various services without the need for multiple sign ons. 

 

Simage provides complete lifecycle management of the user identity with audit reports. Provisioning of the identity access can be done via various means depending on the customer requirements. The user can use secure token or mobile app for identity authentication. Out-of-Band authentication can be provided by the Push Authentication using the mobile app. 

 

The solution can also be used for SSO (Single-Sign-On) to access services from various partner service providers. This makes it easy for the company to expand their services through various partner networks with Federated Identity. This also ensures convenience of use to their clients. With regards to transmission of authentication data, Simage uses protocols like the SAML (Secure Assertion Markup Language) protocol and OpenID Connect. 

The solution can be deployed in-premise by the service provider or can be hosted by Simage under a IDaaS agreement. Hence, the service is flexible as well as cost effective for the service provider. 

Data in Transit

Today's data intensive services and applications require high throughput in data transmission. Hence the need is greater than ever to ensure that large amounts of data is transmitted securely in a short time interval. Global demand for voice and video services have compounded the requirements to securely transmit high data volumes. 

 

When it comes to encryption of data transmission the option is normally between Layer 2 Encryption vs Layer 3 Encryption. Layer 2 is the data-link layer of the OSI model, whereas the Layer 3 is the network layer. When it comes to large data volumes the Layer 2 Encryption has significant advantages compared to Layer 3 based IPsec Encryption. For example, it has low latency and high throughput. 

 

Simage, together with it partners, provides a complete solution for Layer 2 Encryption of data in transit. Advanced encryption standards including AES are employed to secure the data. 

 

VM Instances

In this age of virtualization, applications are operating as VM (Virtual Machines) in the Cloud. In the traditional in-house data centers companies can secure the access to the servers, however when their applications are operating as VM instances in the cloud a different approach is required to secure the applications. In the public cloud applications from multiple companies can be operating as VMs utilizing the same resources in data centers like VMWare, Microsoft Azure, etc. It is therefore imperative that these VM instances should be protected from intrusions and cyber attacks. 

 

Simage, together with its partners, can provide security solutions for virtualized environments like VMWare, Microsoft Hyper-V, Oracle, and others. The solution provides a single console to manage various virtualized environments hence providing a centralized approach and easy for management. Various security layers are provisioned including firewall, antimalware, targetted attack defense, etc. 

 

 

bottom of page