Hot on the heels of the EPP Magic Quadrant, Gartner published a paper in February 2016 titled "Why a No-Cloud Policy Will Become Extinct". They provide some good reasons for this prediction, but in delivering our product as a cloud-based service, we have developed a unique insight: the primary reason for the rapid adoption of cloud-based services is that it helps vendors provide a service that is Better, Faster and Cheaper.
A cloud-based service enables us to deliver the 'whole product experience' for CylancePROTECT®. Our customers frequently run into situations where they need expert advice. For example, they may find an application in their environment that needs further analysis before they allow it into their network. With a traditional on-premise console, they would have to extract all the evidence from their console and share it with an analyst who is either an employee or a consultant.
With a cloud-console, they can initiate the request by simply logging a support ticket via email. We have a dedicated Cylance Threat Analysis Team (CTAT) of ninja reversers who can get all the data from the tenant and provide a report within hours (note: our CTAT service is opt-in for customers). This benefits the customer as they do not have to use their employees' bandwidth or rely on burst capacity from new consultants. Instead, they get a very reliable analysis report created by a specialized team who are dedicated to doing threat analysis 24/7.
We are also able to deliver cross-tenant information very easily in an anonymized fashion. Let's say the aforementioned application was found in 20 other tenants, and every customer decided to block the application. This anonymous information is tremendous as it helps you make a quick decision by leveraging the wisdom of the crowd:
We launched CylancePROTECT in March 2014 and worked diligently to deliver features that customers actually want. Back then, we did not have many key enterprise features like Syslog support, APIs, Active Directory integration, etc. But based on customer feedback, we were able to implement feature requests within months of closing deals.
Here is a list of key features we delivered in 2015:
Now, let's say, you’re a customer who wants the Application Control and Syslog feed. These features shipped three months apart. If you were using an ePO console, it would have required a DB+Application upgrade every three months with potential downtime. With a cloud-based service, you get these features as soon as they ship without having to schedule the upgrade or finding the appropriate time and resources to do it. (Did I mention, Cylance ships new features on a monthly basis?)
Not only does this model help you get new features quickly, it also reduces support turnaround time. With an on-premise console, the support team must know the exact combination of server and agent to reproduce/troubleshoot issues reported by the customer. In a cloud-based model, this is not an issue, because all customers are using the latest version of the server. This also means we spend fewer hours fixing bugs on older versions of the server, which enables you to get new features faster.
Cost and ROI are frequently calculated at a superficial level, often leading to the conclusion that the subscription pricing model most cloud-services use is more expensive than the perpetual pricing model used by on-premise software. For example, let's say our service costs you $100K/year, whereas you could get perpetual pricing for on-premise software for $200K plus 20% annual support and maintenance cost. For the first three years, the subscription pricing is cheaper, but this inverts in the fourth year, after which subscription pricing is more expensive.
The problem with this calculation is that it ignores the real cost of hardware/software upgrades, honoring SLAs by monitoring the performance/scalability of the server, securing the service through pen tests/reviewing audit trails/fixing vulnerabilities, and scaling the product to meet business needs, just to mention a few.
Let's use Mcafee's ePO to illustrate the impact on your business, because ePO is considered the gold standard of enterprise security consoles due to its wide deployment. McAfee claims you can manage more than 200,000 devices with a properly configured ePO, but they also provide a 150 page manual and fun tables like this to ‘help you’ with large deployments:
There are two main red flags with this approach:
- * Your IT team has to first read a big pile of documents and learn how best to deploy this server and maintain it to meet the future needs of the business. (Yes, you could hire consultants to help, but that just increases the overall cost of deployment and maintenance.)
- * If you have a business that is growing rapidly, the deployment architecture will have to change over time to accommodate new growth.
Thanks to our specialists, Cylance is able to solve both these problems for our customers without breaking a sweat. Our DevOps team is responsible for deploying our product to multiple regions (North America, APAC, EMEA), maintaining uptime SLAs, and ensuring scalability. They use tools to monitor system health and collaborate closely with our Engineering team to overcome bottlenecks before customers even notice an issue. We have also architected our product to be horizontally scalable, which is a fancy way of saying we add more servers in the backend when the load increases, without customers having to request an increase.
If you factor in these points, using a cloud-based service is too good a deal to pass up.
After all, who would say no to Better, Faster AND Cheaper?