SAN FRANCISCO – While some security vendors are betting big on the cloud as the future of IT security, Kaspersky Lab isn’t putting all its security eggs in the cloud computing basket. The Russian security vendor is adopting a hybrid strategy that leverages the best of cloud and computer-based security tools.
At its North American reviewers event to introduce its 2012 consumer security offerings, which will officially hit store shelves (and the cloud) in Canada next month, Kaspersky said it’s not possible to keep pace with the exponential growth in threats and new malware definitions through normal processes. With threats only now lasting for a day or two, by the time a definition is written, tested and downloaded the window may have closed.
Roel Schouwenberg, senior anti-virus researcher with Kaspersky, said they’re able to block malware much more quickly through the cloud than through an anti-virus update.
“It’s important to block these threats quickly because one week later these threat may be irrelevant,” said Schouwenberg. “With the cloud we can make it very tough for these guys to make money. We’ve seen criminals on the Russian Internet complaining it’s getting harder for them to make money.”
Kasperky is also using the cloud in a number of other ways, such as reputation-based application white-listing and black-listing. Threats can be identified and protected against in real-time, before the next signature update. Schouwenberg added cloud-based systems require less user intervention and decision than the traditional systems. Still, he said the cloud isn’t a security panacea.
“The cloud is not ready to be the sole bearer of protection,” said Schouwenberg. “For now, the hybrid approach is the way to go.”
Peter Beardmore, senior director of product marketing with Kaspersky, said while the cloud does offer faster and a greater breadth of protection, there are times when people don’t have a web connection and they still need protection.
“We haven’t done the cloud to the detriment of the tech that’s going on at the PC level. We’ve continued to innovate there,” said Beardmore. “It’s hybrid protection. We call it the best of both worlds.”
While some security vendors are marketing heavily around the cloud and even going all-in with cloud-based protection, Beardmore said one challenge is that cloud means different things to different people. Kaspersky uses the cloud in three ways: collecting threat data from different sources, including Kaspersky users; sharing threat information with users; and access to urgent databases by checking threats against a much larger cloud database in real time.
That’s one benefit, said Beardmore: a much larger threat database can be queried through the cloud than could be stored locally. But Beardmore said Kaspersky is still updating the local threat database for offline protection.
In addition to offline protection, he added going totally into the cloud could also introduce latency and performance issues, particularly in locations where reliable bandwidth quality or access is an issue.
Kaspersky’s 2012 offeringsKaspersky has increased its consumer SKUs over the last few years from two (Internet Security and Anti-Virus Security) to the six it offers today. Pure Total Security, launched at the Consumer Electronics Show in January, includes backup, a password vault and home network management. Small Office Security is aimed at small or home office users that were buying the consumer offering but would like additional business functionality, and launched four months ago. There’s also a Macintosh anti-virus offering, and a Mobile Security offering that has recently added support for Blackberry and Android.
The 2012 offerings are highlighted by a streamlined user interface that offers just the basic details at a glance, such as if the computer is protected and if the database is up to date, with the ability to drill deeper. New offerings and enhancements include a File Advisor to offer reputation information on a specific file with a click, URL Advisor support for Chrome and the newest Mozilla, and a roll-back tool to undo damage caused by a malicious program.
Follow Jeff Jedras on Twitter: @JeffJedrasCDN.