But a certain dichotomy exists in a situation where different parts of the security value proposition come from different parties, yet security is something that is best treated in an integrated fashion.
"I think vendors are addressing it, but the truth is that security needs to be an inherent and integrated part of everything we do," said Gregg Pruett, general manager of Idaho-based CompuNet. "I think for now it probably does make sense to have the cloud provider handle security from the hypervisor on down. We will see how well Amazon does with this aspect. But the cloud is the perfect place for a security practice because it touches everything."
According to JD Sherry, global director of technology and solutions at Trend Micro, channel partners should build upon the security skills they learned through traditional resale.
"You can't jettison the best practices developed during the days of running your own data centers," he said. "These best practices need to be applied to the cloud, and security collaboration between the partners and the cloud providers brings a major opportunity for success."
"Cross-site scripting and SQL injections and zero-days will continue to happen, and they're going to be scary," he continued. "It's up to the partners and the customers to mitigate risk. Our adversaries are talented, and they leverage unpatched vulnerabilities. Security needs to be a fundamental attribute."
PUBLISHED MAY 3, 2013