The City of Aspen in Colorado has a network
of over 500 devices and a dedicated network staff of three employees. It is one
of many lean IT organizations throughout the U.S. that continuously look for
outside services that can add security capabilities and are affordable.

“Everything
is connected to our network,” said City of Aspen Network Coordinator John
Sobieralski. He added that a major challenge the network constantly faced was a
growing number of malware attacks. “It reached a point where we were
experiencing as many as four or five security episodes a day,” Sobieralski
said. “As a small staff, we were working as fast as we could to clean up
infections.”

In the City of
Aspen’s case, a major source of malware invasions was websites employees accessed
that contained a lot of malware, which was then passed into the corporate network.

Another major
security concern for all SMBs is the impact of intrusions; this has become even
more worrisome of late as the number of mobile devices used in business continues
to grow. The situation prompted Mike Fey, Chief Technology
Officer at McAfee, to comment in
November 2013 on the
growing number of cyber malware attacks on mobile devices
, and in
particular Android devices.

These situations create a
soaring market opportunity for cloud-based security
solutions that can augment corporate resources in the fight against intruders
and security breaches.

A recent Gartner report predicts cloud-based
security services will increase in 2014 due to adoptions by SMBs
that lack the
internal IT resources to combat threats. In the same report, Gartner said secure
email gateway as a service is the leading revenue gainer for cloud service
providers in the security space, and that it will likely attain $1 billion in
annual revenues by 2017. The cloud security as a service area that is likely to
grow the fastest between now and 2017 is Identity and Access Management (IAM),
which Gartner projects at a 28.3 percent combined annual growth rate.

“Within the IAM space, interest in cloud-based security has
been driven mostly by SMBs’ needs to extend their basic IAM functions and serve
employees who are accessing SaaS (software as a service) and some internal
Web-architected applications,” said report co-authors Ruggero Contu and
Kelly Kavanagh. “An increasing number of organizations seem to be adopting
cloud-based IAM services to replace IAM on-premises tools. Larger businesses
are often looking to use IAM as a mixture of legacy- and Web-architected cloud
and on premises applications.”

For
IT practitioners, none of these prognostications take on shape or
meaning until they can experience first-hand the improvements that can be made
to their security capabilities. For instance, the City of Aspen’s Sobieralski said that his department has gone from
witnessing “cycles of drive-by infections” to rarely seeing an
infection occur at all, thanks to the cloud.

The malware detection solution that
Sobieralski and his team use is founded on advanced analytics that monitor websites
and then develop predictive analytics about which sites are most likely to
contain and pass on malware. The solution can also assist Sobieralksi in monitoring
his internal network users to see which stations are accessing these sites and
even shut down access to the sites altogether.

There are cloud security solutions that track
and shut down lost mobile devices
, control access, malware, and spyware,
and more. These various options are becoming de facto methods for IT decision
makers at SMBs in particular, because those shops often lack the resources to
fight the growing legions of Internet threats.