Our website makes use of cookies like most of the websites. In order to deliver a personalised, responsive and improved experience, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. These cookies are completely safe and secure and will never contain any sensitive information. By clicking continue here, you give your consent to the use of cookies by our website.


US application networking business A10 Networks has launched aCloud Services Architecture for businesses looking to improve application performance and security in multi-tenant cloud data centres.


Cloud information protection business CipherCloud has acquired CloudUp Networks, a privately held provider of SaaS application security to create a new end-to-end security platform to protect sensitive data in the cloud


Alex Ball, UK & Ireland Manager of virtualisation data protection business Veeam looks at strategies for backing up and more importantly restoring your data with a private cloud infrastructure

Nigel Moulton, CTO EMEA of VCE recommends a few tips on striking the right security and infrastructure balance to ensure your organisation is prepared for the cloud.

Wednesday, 15 January 2014 09:57

Cloud security issues maturing


Security is still a concern when procuring cloud services, but as the technology matures, so are the attitudes of businesses towards it

In our continuing look at what’s expected to happen in 2014 in cloud, Debra Ames from MTI Technology sees a growth in demand for SECaaS (Security as a Service) to complement managed and cloud services in 2014.

Name – Debra Ames

Role – Director Sales Operations & Strategy (Marketing & Business Development)

Organisation - MTI Technology

What were the big issues businesses faced in 2013 when adopting cloud? - Clients and partners continue to have concerns around security and data sovereignty, as regulatory and compliance requirements become ever more complex and stringent. Having the surety of where and how data is stored, protected and securely managed is essential. The financial predictability, flexibility and business agility that tailored service contracts offer with the right SLA appeals to the C-Suite, but having the right resources and skills to lead IT transformation, to take advantage of cloud services and to make the right strategic investment decisions across the myriad of choice available in the market is a real challenge.

Interestingly at this year’s EMC Forum, James Petter, EMC VP and Country Manager for UK & Ireland, shared the results of an independent survey which revealed that in 2012 70% of businesses believed they had the right skills and resources to support business requirements and IT Transformation, but in 2013 this figure had reduced to less than 50%.

How much do you expect the cloud market to grow in 2014? - To put a figure on growth predictions is a challenge that analysts haven’t been able to manage for 2014. Gartner's top 10 IT predictions for 2014, include the cloud becoming an even more integral part of all IT needs and that companies need to start preparing for an influx of mobile device usage in the workplace and MTI has already seen these trends emerging heavily throughout 2013.

From our experience in the market we have no doubt that ‘cloud services’ will continue to exhibit strong growth in 2014 and we are predicting 100% growth for MTI’s managed services. 2012 was the year of evangelism, 2013 was the year for commitment to serious research and proof of concepts, but 2014 will bring further clarity around strategy and investment.

What are the big growth areas for cloud? - We have a significant roadmap planned for expansion, both organic and through acquisition to meet response to market, client and partner feedback. We are looking to further develop our SECaaS portfolio to potentially include Compliance as a Service, CrimeWare, Identity and Malware as a Service and further SIEM capability (Security Information and Event Management).

Additionally for several years the market has been moving towards collaboration and in 2014 we expect this side of our business to also show significant growth.

Cloud security does anyone care anymore? - Market demand and feedback from our clients and partners has helped fuel our roadmap development for our SECaaS (Security as a Service) portfolio, so this only serves to reinforce that security remains a key concern.

Clients and partners want to know where their data resides, that service contracts and hosting locations meet the required security, compliance, governance and data sovereignty regulations, whether specific to an application or a particular market. We also find that they’re keen to use specialist resources through a service contract to complement in-house skills, catering for any gaps or areas of vulnerability.

We see it as essential that any service provider incorporates every aspect of security through initial assessment of requirements, service design, transition and contract, to mitigate risk. It’s also essential to have a plan for remediation in the event of a security breach or issue and that clients and partners are confident they will be able to speak to an expert, in the event that they encounter any issues.

Are standards a big issue for businesses when considering the cloud? - For the mass consumer market, standards may appear less important. For a business that is looking to entrust a service partner with their data, whether in a private, public or hybrid cloud environment, selecting a partner that has achieved recognised Industry Standards as set out by the relevant regulatory body, is essential to mitigate risk.

If you had to bet on a single cloud standard which would it be (OpenCloud / OpenStack/ Azure/ VmWare etc)? - It’s an interesting question. We’ve invested in research and development and incorporated both VMware and OpenStack into our service offerings to date, all of which are built on enterprise class platforms, using reference architectures.

A few years ago there was more of a disparity in the market, so the standard selected would depend on application and service requirements, but the gap is closing and it will be interesting to see who will be in the top right of the Gartner Magic Quadrant in 2014-2015.

Will Microsoft and Azure be a threat to Amazon in 2014? - Forrester published an interesting update on this topic. Their view is that we’ll stop equating cloud with AWS in 2014. While AWS continues to be the dominant player in the public cloud platform space, 2013 saw significant competitive growth and a growing stable of legitimate private clouds. Microsoft Windows Azure added IaaS capabilities, which resulted in significant growth and adoption. Google, IBM, HP and Salesforce.com also increased their platform plays and saw strong growth as a result. Several leading enterprises showed they can deliver true private cloud value within their walls, such as Comcast, Concur, PayPal, CERN, MIT and CTrip, who all spoke about their OpenStack based clouds in Hong Kong.

There will always be market leaders and challengers and we can learn a lot from their innovation, to then develop best of breed services to complement or rival should we spot an opportunity in the market. As AWS have commoditised cloud services to the consumer so well, smaller service providers could develop a broker service, not for mission critical services or applications but for burst services where basic elastic capacity is required for a project. The value would be in the additional services such as the orchestration layer and granularity of reporting not offered by the consumer cloud. Possibilities to be creative to meet market requirements, deliver differentiation and competitive advantage are endless.

What key cloud issues are businesses going to be facing in 2014 (latency, bandwidth, security, standards etc) - Essentially, as long as the potential cloud services partner understands the requirements and objectives of the business, they should be able to tailor an appropriate contract, whether in a private, public or hybrid cloud environment.  They should also be able to offer flexibility around a staged service transition, which is usually the preferred approach, especially in large, complex environments.

What are your tips for selecting a good cloud supplier? - Unfortunately we’ve seen some high profile organisations encounter financial difficulties over the last 12 months, which has significantly affected some of our clients and partners that had invested in a service contract with those organisations. So clearly, initial due diligence around financial stability is important.

Always ask about an exit strategy, just in case there should be any unforeseen challenges during the lifecycle of a service contract. If the potential partner doesn’t spend time in gaining an understanding of business requirements and objectives, and these aren’t reflected in the proposed service contract, this is usually a good indication that there may be some challenges ahead.

If the business is making a significant investment for a mission critical application or business critical service, select a partner of the right size, with financial stability, a strong continued plan of investment and relevant roadmap, that can offer the appropriate coverage, but of a size where you as the client or partner are going to be important to them, not lost in the ether.

Unless it’s a very short-term tactical investment, also ensure that there is synergy in the culture and that this is reflected right across the business, from the board level executive sponsor to the team that you engage with at the operational front line.

Is the UK ahead of the curve in your area of cloud, and will that continue into 2014? - US-owned organisations have usually taken the lead, not just in cloud services but most areas of technology and service delivery. Certainly this is true when it comes to enterprise investments being made and referenced, but as technology and communication barriers lessen, we see the gap closing between global regions. When we look at technology developments from Asia Pac, it will be really interesting to see how this position changes over the next few years.

SAAS, IAAS, PAAS, DAAS, NAAS where next? - There is so much development planned across the cloud market over the next few years. We expect more innovation and enhanced functionality across the whole XaaS portfolio, with better orchestration and portal offerings to enhance the user and management experience.

Certainly we see a growth in demand for SECaaS (Security as a Service) to complement managed and cloud services. Services will also continue to mature, knowledge, confidence and investment will increase and some form of cloud service will form part of most business strategies by the end of 2015. Traditional technology organisations must also incorporate cloud offerings into their portfolio or form collaborative partnerships to meet market demand.

In cloud, as in life, price isn’t everything, even though people tend to focus on perceived cost savings from cloud over traditional IT deployments. It’s a much wider message. The right cloud solutions and services can really make a difference to business agility, transformation and growth as well as contributing to risk mitigation and improved operational efficiencies.

Is there something important that we haven’t asked you about? - This is a shameless opportunity to mention what we believe makes MTI different, and our business outlook. At MTI we care for our clients’ and partners’ businesses as our business. We try to think and act like business partners by working hard to understand the market, the challenges and objectives of the business so they become our objectives. We form a mutual plan, aligning risk, aspirations and incentives to demonstrate true partnership and to ensure we deliver real and lasting results. We understand that each organisation is different and therefore we offer holistic, tailored solutions and services, based upon both common and unique requirements. Our committed, highly motivated people care about the relationships we build, becoming a valuable extension to our client and partner teams. We believe this is the primary reason our clients and partners would recommend MTI.

MTI Technology in a nutshell

Year business established - 1988

Employee numbers - 250

Turnover - $120 million+

Head office location – Global Head Office - Godalming, Surrey

Business Website URL - http://www.mti.com

What cloud products and services does your business offer? - MTI offers a range of private, public and hybrid cloud solutions and services. Conscious that there are still many definitions of ‘cloud’, the MTI portfolio includes: Remote Infrastructure Management (RIM) and a variety of XaaS (Everything as a Service) offerings, including: AaaS (Archive as a Service), BaaS (Backup as a Service), BCaaS (Business Continuity as a Service), CaaS (Compute as a Service), DRaaS (Disaster Recovery as a Service), IaaS (Infrastructure as a Service) & STaaS (Storage as a Service), PaaS (Platform as a Service – eg Service Desk, Application Development in the Cloud), SaaS (Software as a Service) & DaaS (Desktop as a Service),  SECaaS (Security as a Service) and TaaS (Testing as a Service)).  All of our service offerings are built on enterprise class platforms, using reference architectures. We also have a range of complementary professional and consulting services such as our Cloud Readiness Assessment and IT Transformation Services. We have a constantly evolving portfolio to meet market, client and partner requirements.  We also have an ecosystem of global, strategic and collaborative partners which underpins our agility and enables us to scale quickly and diversify when required.

What sectors do you cover? - MTI has over 25 years of experience across public, social and private market sectors. We have over 2,600 worldwide contracts and 1,800 clients, including leading financial institutions, service providers, legal and professional service organisations, as well as charities and housing trusts. We also work with companies operating in the retail, logistics, manufacturing, media, entertainment sectors and work closely with energy and oil & gas companies. One of our key sector focuses is the public sector, in which we work with central and local government authorities, higher and further educational establishments and NHS Trusts.

What was your greatest business success in 2013? - Highlights include expansion into Manchester to support our clients and partners in Northern England and investment into our fourth MTI Solution Centre (MSC) in our Scottish Office. But the key highlight was February’s grand opening of MTI’s Secure Operations Centre (SOC), which offers global 24 x 7 x 365 support to clients and partners from our Global Head Office in Surrey. This has contributed to significant growth across our Datacentre, Security and Managed Services Practices and as a result we have seen the business surpass $120m in 2013.



Paulo Rosado CEO of new-to-the-UK platform as a service business OutSystems, explains what he thinks 2014 will hold and what were the big advances in 2013


We’ve asked a selection of leading cloud providers about what they think 2014 holds – Here’s NTT COM Security’s  Director of Global Security Strategy,  Garry Sidaway’s view on what’s going to happen to the cloud market in 2014


One third of IT departments are putting their business at risk by failing to have data retention policies in place, according to Peter Groucutt, managing director of Databarracks.


Cloud security business Panda Security has added some significant enhancements and new features to its Panda Cloud Systems Management (PCSM), the company’s remote management and monitoring solution.


Israeli cloud security business GamaSec has launched a new cloud security product GamaWare and is positioning itself to enter the lucrative US cloud security service market. 


Almost half of all of businesses require IT decision makers to evaluate cloud applications as part of every software procurement process, but cloud has some hidden dangers that many businesses are falling foul of


A new partnership between Palo Alto Networks and VMware has created a new integrated solution to automate and accelerate network security on cloud implementations virtual application deployments

FireEye launches a new service to leverage cloud-based virtual machine technology to protect against advanced email attacks

Fast growing US cloud security group FireEye – they ranked number one in the 2013 list of fastest growing communications/networking companies on Deloitte's Technology Fast 500 -  has announced it will be launching FireEye Email Threat Prevention, a new cloud-based email security platform designed to protect enterprise infrastructure from email-based attacks.

FireEye Email Threat Prevention is a part of the FireEye integrated set of solutions that protect organisations across Web and email attack vectors and provides protection against the advanced threats used to conduct advanced persistent threat (APT) attacks.

The new cloud-based service uses signature-less virtual-machine analysis to identify and block or quarantine emails that:

  •        Contain attachments that exploit known and unknown vulnerabilities
  •         Contain URLs that lead to malicious content
  •         Are part of a sophisticated multi-stage APT attack

FireEye Email Threat Prevention is built upon the FireEye Multi-Vector Virtual Execution (MVX) engine architecture and preserves the multi-threat vector correlation within the enterprise’s FireEye deployment. This allows users to utilise the FireEye Web security platform on-premise in concert with the FireEye Email Threat Prevention cloud-based platform for protection against blended attacks. Furthermore, FireEye Email Threat Prevention customers are seamlessly enrolled in the larger FireEye Dynamic Threat Intelligence (DTI) cloud, thereby benefiting from the entire ecosystem of FireEye customers.

“The recent success of spear-phishing attacks underscores the need to improve protection for brands, intellectual property, and data,” said Manish Gupta, FireEye senior vice president of products. “With the introduction of cloud-based FireEye Email Threat Prevention, FireEye is now providing enterprises and small and medium businesses a flexible way to deploy and consume industry-leading email security. With a complete portfolio of options, customers can now locate their mailboxes and advanced email solution wherever they require – on-premise or in the cloud.”

FireEye Email Threat Prevention will be generally available in early December 2013.


Exponential-e launches a new cloud service designed to combine the benefits of cloud and on-premise to businesses concerned over data security and privacy.



Security is often given as an excuse not to use the public cloud but Kurt Hagerman, director of information security at FireHost believes the public cloud is better secured than a dedicated cloud.

Brainloop has used their launch into the UK to warn businesses not get obsessed by protecting their internal systems, and to keep their security policies as simple as possible.

Page 9 of 9



255x635 banner2-compressed