Security for the cloud or security from the cloud? Planning for business

Shaun Donaldson

August 20, 2015

Security for the cloud or security from the cloud? Planning for business

There is a lot of talk about “cloud security”, but that simple phrase can mean many things. In general, we should split the conversation between: 1) security for cloud, and 2) security from the cloud. Within the latter, there are distinctions. For example, many security vendors leverage global networks (a cloud, in other words) to enhance protection by sharing vast amounts of threat intelligence across protected endpoints everywhere. Another example is hosting endpoint security management in the cloud. Ideally, endpoint security solutions leverage cloud in many ways, but let’s drill into the benefits of using a cloud-based endpoint security management console.


The most obvious advantage of using a cloud-based management console is cost savings. If hosted on-premise, often a Windows server and a database are needed. Even if the management console is a virtual appliance, server hardware is required. For smaller organizations, the capital costs of hardware can be a significant burden, while ongoing maintenance contributes to increased operational costs.


If redundancy is required, multiple on-premise management console instances must be deployed. When a third-party is hosting the management console, they are responsible for providing high availability, back-up, and other measures to ensure availability. These additional costs often lead smaller organizations to forego redundancy if using an on-premise solution.

Global Availability

Another struggle for organizations, small and large alike, is providing globally available management. Larger organizations have the means to split management functionality such that a management relay can be made available from their DMZ, while the rest of the management infrastructure is protected on an internal network segment. Even then, only very large organizations, and cloud providers, have the means to leverage multiple ISPs. With endpoints spanning internal networks, desktops, laptops, mobile devices, and public cloud, providing robust global availability can be costly. With a cloud-based management console, it’s built-in.


Organizations that are able to provide highly available endpoint security management with global reach know that procuring hardware and setting-up the system is only part of the cost. Ongoing maintenance of every part of the system is essential. This creates an ongoing cost challenge, the least of which is not the cost of experts to run the system. While management consoles packaged as a virtual appliance, such as the on-premise version of GravityZone, can lower these costs, it can still be overwhelming for smaller organizations.


Leveraging a cloud-based management console is a smart way for organizations to take advantage of the same endpoint security used by large organizations, without having to take-on cost and maintenance challenges. Bitdefender uses leading cloud providers to deliver GravityZone as a cloud-based management console.

GravityZone protects Windows, Mac, and Linux systems running in Amazon Web Services or other public clouds, private datacenters (virtualized or physical), as laptops, desktops or servers, along with Mobile Devices and Exchange servers.

For more information, or to try free for thirty days, visit




Shaun Donaldson

Shaun Donaldson is Editor-at-large at Bitdefender Enterprise. Shaun is also responsible for supporting relationships with strategic alliance partners and large enterprise customers, and analyst relations. Before joining Bitdefender, Mr. Donaldson was involved in various technology alliances, enterprise sales and marketing positions within the IT security industry, including Trend Micro, Entrust, Bell Security Solutions and Third Brigade.

View all posts

You might also like