What is Cloud-Delivered Security?

Cloud-delivered security is security technology that's designed to protect critical infrastructure, applications and data in the cloud, as opposed to being installed and maintained on premises.

Also referred to as security as-a-service, cloud-delivered security can be easier to implement and maintain, since the enterprise that delivers the technology is responsible for updates and maintenance. It can also be less expensive to acquire upfront, as it’s usually sold on a subscription basis where payments are spaced over time. By contrast, on-prem solutions typically involve a large one-time payment upfront for an appliance or software.

Cloud-delivered security also has the advantage of better matching the high elasticity of cloud environments, so capacity can scale up or down dynamically based on growing needs. While cloud-delivered security does have some advantages compared to on-prem security, it also has some drawbacks. These include less functionality, new considerations about the privacy of the technology being delivered (since a third party manages it), and possible data residency and compliance issues.

Organizational demand for cloud-delivered security formats differs by segment. At one end of the spectrum, some identity access management (IAM) functionality and email security are commonly delivered via the cloud. By contrast, firewall technology (or firewall as-a-service) has so far been relatively slow to move to cloud delivery.