Proofpoint: Security, Compliance and the Cloud

Forrester analyst Chenxi Wang visited the Sunnyvale offices of Proofpoint yesterday for an update on what Proofpoint is doing vis-a-vis Software-as-a-Service (SaaS) and cloud computing offerings for email security. She has been Forrester's analyst for content security issues for several years now -- covering areas including email security, content filtering and web security -- and we were pleased to hear that she is also now covering cloud computing and SaaS security issues for Forrester as well.

Chenxi recently presented a teleconference on "A Close Look at Cloud Computing Security Issues" and if you'd like to see what she's thinking on this subject, you can download her PowerPoint slides here. There's some really interesting stuff in the slide deck, but the main points that she reiterates are that:

• The cloud has cost-saving benefits but carries security risks.

• Start with a compelling business driver and judicious feasibility before moving to the cloud.

• Use a security/privacy, compliance and legal checklist to minimize your risks.

Now these are general tips on adopting cloud computing applications and functionality. In our discussion with Chenxi yesterday, she was extremely positive on SaaS and cloud computing for certain types of security functions, especially inbound email filtering (which, of course, Proofpoint delivers with products like Proofpoint ENTERPRISE). In fact, Chenxi stressed that she tells clients that, "Using SaaS for email filtering, outsourcing it to the cloud, is a 'no-brainer' because of the cost savings and infrastructure simplification benefits."

Chenxi is a regular poster at Forrester's blog for security and risk professionals, which is well worth checking out, even if you're not a regular subscriber to Forrester's research services.