CIO Review >> Magazine >> February - 2013 issue

Addressing security concerns in the cloud

By

Friday, February 1, 2013

Alex Salazar Stormpath is a developer of Identity and Access Management tools that power user security in any application. Headquartered in San Mateo, CA the company has amassed $1.5 Million in seed funding from Flybridge Capital Partners, New Enterprise Associates and Andy Rachleff.

The next wave of IT is API cloud services — IT and developers can now quickly assemble advanced applications by connecting API services and writing minimal custom business logic. In these Abstracted Architectures, companies experience huge increases in speed to market while dramatically reducing upfront implementation and on-going maintenance costs. Best-in-class services built and maintained by expert vendors through subscription or metered pricing are taking the place of large upfront software license agreements.

API services are booming across all infrastructure markets, from data management to messaging to monitoring and logging. There is a critical need in security, which is expensive to build and maintain and even more expensive to get wrong. The Stormpath API handles user security, identity management and access control – the demand for our service comes from companies that do not want to custom build infrastructure that – although critical – is not core to their business.

Delivering quality Applications

Businesses large and small and across all industries are making client-facing web applications a key part of their business models. These companies need to deliver applications that are scalable, feature rich, and secure – all without the budgets, engineering expertise, or IT resources that the major SaaS vendors have. This is especially true for companies in competitive markets and for high growth companies, where speed to market and costs are key. Supporting these applications presents a huge opportunity for vendors and shapes the requirements for cloud services, infrastructure vendors, and the industry as a whole.

One of the biggest gaps we see for organizations deploying public, cloud-based applications is security. Big SaaS vendors have dozens of engineers building and maintaining security to protect against the hostility of the public cloud. We focus on securing the application by offloading user management and security to a cloud service – it is the same quality of security as a major SaaS vendor, but with none of the maintenance.

Battling increased competition :

The biggest challenge is increased competition. The news is out that cloud continues to be a huge opportunity. Legions of entrepreneurs, engineers, and investors are clamoring to participate. With that, come throngs of smart and well-funded start-ups going after many of the same opportunities. Incumbents like IBM and Oracle are still mostly out of the game but I expect that to change soon, likely through a wave of acquisitions. Entrepreneurs need to not only execute but also build clear, valuable, and defendable differentiation. The opportunities are huge — cloud is here to stay.