As organizations embrace the cloud, whether public, private, or a hybrid, multi-cloud environment, their IT team is not only required to architect new networking platforms or infrastructures, but also figure out how to secure this new environment. Unfortunately, many of the tools these organizations currently have in place don’t always scale into a cloud or virtualized environment. And even if they do, they actually result in increased complexity because they often function as separate and isolated security devices, which can severely hamper such things as unified visibility and control.
At the same time, most IT teams are suffering from the growing cybersecurity skills gap, which means that even if they have the budget, they don’t have the technical skills or resources needed to properly manage these new environments, let alone integrate them into their existing security architecture.
Managed security services providers, or MSSPs, play an essential role in providing advanced security and compliance services to organizations undergoing digital transformation. Their ability to apply security solutions, establish consistent policies, and enable a single management view into the extended network fills a critical gap in many IT organizations.
Security7 Networks is an MSSP focused on delivering security and compliance services to small- and medium-sized enterprises. The company, focusing on intelligence in depth, provides an innovative suite of products to help customers identify risk, improve their ability to defend against cyberthreats, and centralize visibility and control. For several years, Security7 has used Fortinet products to deliver cloud-based security services to its customers.
We recently talked with Security7’s chief technology officer, Brian Thomas, about his company’s business model and the critical security elements Fortinet delivered as it migrated its security services to the cloud.
Security7 moved away from offering traditional, on-premise managed network and security services in recent years. Why?
Thomas: Over the last several years, we have seen a substantial shift in the way attacks happen, with a huge increase in the sophistication and diversity of threats.
As use of the cloud gained momentum, it was clear that continuing to rely on conventional on-premise measures for protection would not be sufficient. We saw the opportunity to create a more intelligent, cloud-based, distributed strategy that would alleviate vulnerabilities for our clients.
What Fortinet products do you use to help deliver your services?
Thomas: The FortiAnalyzer VM was a key element of our evolving cloud-based model. The virtual appliance works in both the Amazon Web Services and Microsoft Azure environments. It aggregates log data from both Fortinet appliances and other syslog-compatible devices.
Our staff can filter the customized reports from the appliance to review traffic, events, virus attacks, web content, and email data. By mining this information, we can determine the best security stance for each of our customers and also help them assure regulatory compliance.
Security7 also uses Fortinet FortiGate next-generation firewalls in its data center to deliver high-performance and multilayered security to our clients. We also use FortiGates for internal segmentation and perimeter defenses. The FortiAnalyzer VM provides us with highly granular visibility across all of the FortiGates we have deployed.
What are some benefits for you in moving to the cloud?
Thomas: One big advantage is that the time it takes to onboard customers has been greatly reduced. We’re looking at tremendous improvements in terms of efficiencies that we have gained.
FortiAnalyzer VM helps make the customer onboarding process more efficient. Its ease-of-use and intuitive interface make it very straightforward to bring new team members online and for them to be immediately productive.
Do you also see an advantage in terms of managing your infrastructure?
Thomas: The cloud environment delivers greater peace-of-mind. Not having to worry about a large physical infrastructure is a huge boon to our business, and leveraging security-as-a-service and Fortinet cloud-based technologies have been a huge deal for us. Our cloud-based approach allows us to focus on adding value to the business.
What are some benefits to your customers?
Thomas: The cloud allows us to offer a leased security-as-a-service model that provides our clients with highly predictable expenses. With a physical on-premise infrastructure, they were tied to a protracted time-to-value investment.
For Security7, delivering a cloud solution has enabled us to operate our own business much more efficiently in terms of applying a straight operating expense model to everything. We can now offer our solutions on a monthly or annual basis. We like to make the fees predictable and easy to calculate so a customer knows the exact cost of adding new resources and capabilities.
Fortinet has been a long-time staple for Security7. Fortinet’s strong portfolio of integrated on-premise and cloud-based solutions enables us to offer seamless protection to our clients.
This Q&A originally appeared in CSO.com.
Read more about securing the dynamic cloud environments of today.
Read more about how digital transformation is impacting MSSPs and the business opportunities this presents.