Article Details

Article Image
"There's no more debate. When you don't own the network, it's open to the rest of the world, and you don't control the layers of the stack. The cloud - by definition - is more insecure than storing data on-premises."

By Rick Clarkson, Signiant VP of Product Management

link text

Over the past few years, hesitation around SaaS adoption has rapidly dissipated as business leaders realized the operational advantages of cloud based software. Yet one major concern still lurks among those responsible for the technology future of their companies.

North Bridge Venture Partners recently released the results of its comprehensive Future of Cloud Computing survey. And, even though 60 – 80% of respondents plan to make significant moves to the cloud within the next year or two, almost half expressed security concerns. In fact, security came in as the #1 inhibitor of cloud adoption across all industries.

And it’s no wonder. If data never leaves your on-premises network, you can control how secure it is. But, layers of security risks arise when you start considering cloud based services, including data transfer, data storage, software interfaces, user access and data separation.

"There's no more debate," said Rajat Bhargava, co-founder of JumpCloud, a cloud security startup out of Boulder, CO. "When you don't own the network, it's open to the rest of the world, and you don't control the layers of the stack. The cloud - by definition - is more insecure than storing data on-premises."

Why does cloud adoption continue at such a high rate if security concerns are so high?

As noted in the survey report by Jim Morrisroe, CEO of Piston Cloud Computing, “Agility, reduction in capital expenditures, and reduced operating expenditures – in almost 100% of the situations – have been the primary drivers of cloud adoption.”

For most companies, the operational benefits of cloud based software still outweigh the risks. However, when it comes to file transfer software, there is a way to get the best of both worlds — the peace of mind that your data is secure and the operational prowess of SaaS — through a hybrid SaaS solution.

Especially if you need to transfer large or important files and data sets, the unique hybrid SaaS architecture pioneered by Signiant may be the best option.

How Signiant developed hybrid SaaS to addresses security concerns when moving large and important files

Signiant’s file transfer software was originally created to move huge code bases around the world for global software development. During the mid 2000’s, Signiant’s on-premises solutions were adopted by some of the largest Media & Entertainment companies as they transitioned from tape to file-based workflows, and needed highly secure, fast transfers of large files.

More recently, Signiant embraced cloud software design with a commitment to the same level of file security as our enterprise on-premises solutions provide. Hybrid SaaS was the result.

In order to achieve high security, Signiant borrowed some concepts from Software Defined Networking (SDN). In SDN, the separation of the control plane (the part of the network responsible for routing and directing) from the data plane (the part that carries the traffic itself) allows network resources to be virtualized and much more easily adjusted to meet growing business needs.

“The hope [with SDN] is that by separating the smarts from the brawn, the underlying hardware can become cheaper and interchangeable (avoiding vendor lock-in) while the overarching software becomes more capable and faster-evolving,” said Mat Mathews of Plexxi in an article for Wired.

As SDN concepts translate to SaaS file transfer, the data and control planes are likewise separated. An independent data plane allows for higher security measures to be enforced around data transfer, data storage, data separation and access.

It also allows for a “storage agnostic” element in the software that integrates with user’s on-premises storage or their own cloud storage tenancies like Amazon S3, Microsoft Azure and Google Cloud, providing the freedom to strategize about where different security level files are stored, how to best utilized limited on-premises storage space, and freedom from vendor lock-in if cloud storage is needed.

Meanwhile, the control plane can continue to evolve and adjust automatically through the rapid innovation unique to SaaS and Agile software development practices.

Designing SaaS with Security in mind from the beginning

Unfortunately, security measures are often an after thought in the design of many SaaS solutions, rather than being a guide for design from the beginning. Every software engineering team needs to be educated in not only security functions (authentication, authorization, data confidentiality, data integrity, non-repudiation and availability), but also secure design principles in relationship to the assets that need protecting in the environment particular to their software.

Too often, security functions are implemented in ways that don’t actually provide protection, with the only viable security functions pieced together in response to security breaches.

Hybrid SaaS is the result of engineering and product teams — with high expertise in secure design principles for large file transfers — thinking first and foremost about security while moving into cloud software design.

While hybrid SaaS may not be the only approach to designing secure SaaS, it is an example of the kind of thinking needed to get there.

Back to all News