4 Reasons Cloud-Native Organizations Benefit from Cloud-Native Logging and SIEM

By kevinflanagan

May 7, 2021

This post is by Ted Julian, SVP of Product for Devo.

For cloud-native organizations — those begun in the past decade or so — obtaining critical services from other cloud-native companies makes sense. After all, the whole point of being cloud native is to avoid physical infrastructure wherever possible. You want to focus on your business, not managing the systems and infrastructures that support it.

That strategy applies to your logging and security information and event management (SIEM) solution as well. This post presents four reasons cloud-native organizations benefit from working with a cloud-native log management and SIEM company:

  1. Avoid the burden of on-premises infrastructure management.
  2. Save money.
  3. Enjoy state-of-the-art service that is secure and compliant.
  4. Benefit from economies of scale.

#1: Why Go Backwards? Avoid On-Prem Burdens
Does it make sense for a cloud-centric organization to have on-premises logging and security operations? Simple answer: No.

If your business is in the cloud, why backhaul your traffic into a physical infrastructure? First, you must deploy those systems, then you need to manage them from that point on — OS updates, patches, compliance checks, all the alphabet soup that goes with managing systems.

Most security teams lack the ability to efficiently deploy a server on the network, which means they need the IT team or outside vendors to do it. Then you have to set up secure connections: even once these aggregation points are deployed, you must still connect them to each of your SaaS properties so you can get the telemetry required to fire off alerts. And over time, passwords need to be reset or infrastructure might need to be moved around to maintain connections that are stable, secure and properly configured.

Conversely, when you’re using a cloud-native SaaS solution, it’s pretty much as simple as configuring your credentials and maybe configuring an API key to ensure it’s secure. That’s it. With a cloud-native logging and SIEM solution, all the work to set up, operate, update and monitor your security infrastructure rests with the SaaS provider.

#2: Cloud-Native Saves Money
In an on-premises deployment, whether you do the physical setup and management on your own or hire an outside vendor, the cost — and the aggravation when a server fails or more capacity is needed — is on you. And it costs much more to expand an on-prem logging and SIEM footprint than a cloud-based SaaS solution.

As your organization and its data grow, the cost of using cloud-native logging and security analytics might increase, depending on the licensing model. To accommodate that growth, you’ll have to expand your budget, but your cloud provider will handle the rest. You’ll receive a reminder that you’re running low on storage space or you’re reaching your ingest capacity. You can take care of it with one click.

And don’t forget that a cloud-native logging and SIEM provider is more likely to have the integrations you’re looking for and is probably going to be more aggressive about adding the required new ones, simply because that’s their area of expertise. On-premises providers typically have a huge laundry list of legacy integrations, connections and configurations. That makes it challenging for legacy players to have one foot in the on-prem universe and make those customers happy while also trying to be cloud-forward to attract and retain cloud-native customers.

Another thing to consider is the cost of switching. If you’re on-prem, you know it’s going to be very expensive — and complex — to switch to another on-prem provider. By contrast, cloud-to-cloud migrations — if you want to move to a new SaaS provider — are much easier to execute.

#3: Cloud-Native Solutions Deliver Strong Security, Compliance and Scalability
As a cloud-native organization, you know how much innovation and money have been invested to provide a secure yet flexible and accessible environment for SaaS, PaaS and IaaS solutions. The largest, most widely used cloud-computing providers — Amazon Web Services, Google Cloud Platform, and Microsoft Azure — became best of breed because of their commitment to innovation, particularly in providing the most secure customer environment possible. The idea of an on-premises solution coming close to matching the performance and security of these large cloud providers is, to be blunt, unrealistic.

Devo leverages the sophistication and innovation of cloud industry leaders and combines it with our laser focus on secure logging and SIEM to meet the needs of our customers now and in the future.

Scalability also plays a vital role in a successful cloud-native deployment. Our customers benefit from Devo’s ability to deliver secure multitenant cloud solutions. We also enable customers to easily segregate roles and responsibilities, for example through role-based access control (RBAC). That level of detail is especially valuable for very large enterprises.

#4: Take Advantage of the Cloud’s Economy of Scale
Because Devo operates as a SaaS platform, our consumption metric is very basic: it’s only data ingest. This enables us to offer increasing levels of capability on an all-you-can-eat basis. This is something on-prem solutions providers can’t match. On-prem solution customers pay on a per-user basis, often in addition to a per-module or per-capability basis, where the vendor breaks the platform into chunks and sells each of those chunks separately because it’s the only way it can monetize that functionality.

With a SaaS provider such as Devo, you get it all. Large customer or small, it makes no difference because of the cloud’s economies of scale. Core platform, ITOps, SecOps — you get it all. And you only pay for what you ingest. If your ingest is modest, you get a tremendous amount of functionality very cost-effectively. Organizations of all sizes get great value for their money and don’t pay for what they don’t use.

Compare this to the way most customers of on-premises logging and security analytics solutions feel nickel-and-dimed. They pay more to add users, for a new module the vendor is pushing, or for some other consumption metric. There’s a lot of frustration in the SIEM market specifically, as we know, because of this behavior. Who needs frustration when you can have a cloud-native logging and SIEM solution?
