LAS VEGAS—At the Symantec Vision conference being held here this week, Symantec Corp. announced the extension of its backup software to the cloud and a partnership with Salesforce.com to provide stronger security for cloud-based applications.
The solutions are meant to address issues with the cloud that have been coming up in the press over the past few months. When recent server problems at Amazon’s data centre, for example, left companies like Foursquare and Reddit disabled or completely unable to function, it led to negative publicity and concern from companies considering cloud. And back in February when Gmail went down, it left a black mark on Google’s reputation for uptime and reliability.
Almost everyone in the industry agrees that cloud is here to stay—it’s just the next evolution of computing. But incidents like this make people more cautious about cloud.
The Amazon incident has been a little sensationalized, said Lauren Whitehouse, senior analyst with Milford, Mass.-based Enterprise Strategy Group (ESG). But it serves as a cautionary tale to those dipping their toes in cloud.
A lot of companies are built around cloud-based services and should have contingency plans by design or through experience. In other words, they should have a Plan B and a Plan C if something goes wrong, said Whitehouse. But some companies don’t do their due diligence and rely completely on a third-party provider. “If you don’t do your homework, what do you expect?” she said.
Cloud is well suited to many companies, she said, but backup and recovery should be part of their due diligence checklist. That means closely examining contracts for cloud services, paying for backup and recovery services, and perhaps even paying extra for storing data in multiple locations.
While companies want the lower costs that cloud promises, they’re still on the hook for the security of that data, said Francis deSouza, senior vice-president of Symantec’s enterprise security group. “Very often third parties are holding data that gets breached, but they’re still liable. The security bar is getting higher.” And not all SaaS providers are created equal, he said. “In the end you are required to attest to regulatory advisors that you know what’s happening with your data.”
This is one of the reasons behind its announcement of a partnership with Salesforce.com and a new security application scheduled to be available on the AppExchange, a marketplace for business apps in the cloud. According to the security vendor, Symantec Security Assessment for Salesforce is designed to provide visibility and transparency into the security and compliance of apps, whether those apps reside on-premise or in the cloud. This can also be integrated into the Symantec Control Compliance Suite, which allows organizations to define and enforce security policies for cloud-based apps.
Symantec also announced Symantec Enterprise Vault 10, Enterprise Vault.cloud and Cloud Storage for Enterprise Vault to combine e-discovery, data loss prevention and encryption, whether on-premise or in the cloud.
Information streams are evolving from e-mail to social networks, and archives are moving from on-premise to the cloud. A new feature in Enterprise Vault 10 is Data Classification Services (DCS) that analyzes e-mail content and metadata to automatically classify e-mail and assign the appropriate archiving and retention policy for that message.
Posts on public-facing social media outlets such as blogs, Facebook pages and Twitter feeds are considered business communications, and through new partnerships with CommonDesk, FaceTime, Hanzo and Socialware, Enterprise Vault 10 will automatically archive social media interactions for compliance purposes.
And in June, Symantec will continue its Symantec.cloud e-mail archiving service under the name Symantec Enterprise Vault.cloud, for e-mail storage management, legal discovery and regulatory compliance.
Storage in the cloud is a key consideration for small businesses since it’s so affordable right now, said Michelle Warren, principal analyst with MW Research. But they should consider how much it will cost for what size of storage and how accessible it is.
Small businesses should ask about tech support, she said, since cloud can be complicated and small businesses don’t always have access to tech support. They should also find out about the security policies of the cloud provider and how many layers protect their data from vulnerabilities. “Get the details from the provider,” said Warren. “It is hard to stick to one-number-fits-all here.” Generally speaking, uptime guarantees should hover around 98 to 99 per cent or higher.