Is technology ubiquity a chance to re-connect security?
Greg Day, Director of Security Strategy
The changing technology landscape
• Circa 50% (support iPads). Source: Citi Investment Research and Analysis
• 150m a year (2015). Source: Ovum
• Q3 - 14.1m; 12.1m. Source: http://gizmodo.com/5667042/apple-sells-more-ipads-than-macs-on-the-way-to-record-20-billion-revenue
• Circa 50%. Source: IDC. Data is freely intermingled
Computing Cycles in Perspective (from Morgan Stanley)
[Chart: Devices/Users (MM, in log scale) against year, 1960 to 2020. Mainframe: 1M Units; Minicomputer: 10M Units; PC: 100M Units; Desktop Internet: 1B+ Units/Users; Mobile Internet: 10B+ Units??]
What risks do they really bring?
• Banking services already targeted
  – Authentication
  – Vulnerabilities in the apps
• Heavily used for social networking
• App stores add revenue
  – 10,000,000,000+ downloads to date!
  – Worth billions per year!
• Less than 1000 viruses today due to diversity
Mobile Enterprise Apps are Rapidly Evolving: What are your long term goals?
• Enterprise and LOB Apps
• Web and Social Media
• Basic Services
• Customer Facing Apps
Approaches to Security on Smart Devices
• Segregate data (incl. wipe)
• Secure 3rd party apps
• Security controls: Sandbox / Full device
• Mitigate on device attacks
Integration of Smart devices to your existing security strategy - Enterprise Mobile Manager
[Diagram labels: McAfee EMM. Enterprise Environment: Database, Files, Directory, Applications, Certificate Services, Messaging. Devices: Windows Mobile, Symbian, Android, webOS, iPhone, iPad. Functions: IT Ops Support, Provisioning, Compliance, Policy Management, Security & Authentication, Mobile Device Management]
Virtualization enables technology ubiquity
• Expect 50% of the enterprise data center workloads to be virtualized by the end of 2012 (Gartner)
  – Go green, decrease datacenter footprint, improve utilization
  – Enables faster response, reducing application deployment and migration times
• But Gartner reports that
  – Through 2012, 60% of virtualized servers will be less secure than the physical servers they replace, dropping to 30% by YE15
  – 40% of virtualization deployment projects were undertaken without involving the information security team in the initial architecture and planning
Is your security utilizing the advantages of technology?
MOVE (McAfee Optimized Virtual Environments)
• Move security processing out of each VM (offloading)
• Optimized with the Hypervisor to address scalability
• Enables planned capacity: ~60% more VDI density
• Integrated management, responsive user experience, supporting persistent and non-persistent desktops
[Diagram labels: Hypervisor, VMs, MOVE Virtual Appliance, MOVE Server, McAfee ePO, Cache Synchronization Protocol, Cloud Threat Intel (GTI), Scan Engine]
Changing the way we apply security in the future
Application Control
• Dynamic whitelisting
• Trusted applications
• Trusted sources
• Memory Protection
• No Updates
Change Control
• Change configuration audit
• File Integrity Monitoring and Change Prevention
• Prevents “compliance drift”
• Keep the bad stuff out
• Stop unauthorized apps
“Greater protection, faster time to compliance, lower cost”
• Deny unauthorized changes
• Enforce change policy
Integrity Control = Application Control + Change Control
Security Management: The Problem
Security Dashboard Modestly Helpful
• Decision-making still manual
• Based on human correlation of available information
Net Result
• Dramatic increase in Information Risk and Costs to secure
Security Purchases are Tactical
• Patchwork of independent products
• Requiring separate management
Threats Overwhelm Existing Approach
• Many product types and security layers
• Can’t continue to add resources to manage new events, products
Leads to Proliferation of Security Management Consoles and Reporting Tools
Security Landscape:
1. Anti-virus Management Tools
2. Anti-spyware Management Tools
3. Desktop Firewall Management Tools
4. Policy Auditing Management Tools
5. Web Security Management Tools
6. Data Protection (DLP, Encryption, etc.) Management Tools
7. Host Intrusion Prevention Management Tools
8. Network Access Control Management Tools
A Re-connection strategy: Security Connected
Optimizing a Security Architecture Requires
• Centralized security management: Open platform for centralized management and maximum interoperability
• Real-time Threat Intelligence: Actionable protection with the delivery of correlated threat intelligence and immediate visibility into enterprise-wide security posture
• Multi-layered protection: Effective and efficient defense in depth provided by multi-layered security approach
• Automated compliance: Compliance-ready solutions which streamline prioritization of threat responses, reporting, policy and risk management
McAfee Global Threat Intelligence - Intelligent Connected Security via the Cloud
[Diagram labels: Real Time Threat Feeds (GTI): File Reputation, Web Reputation, Web Categorization, Network Connection Reputation, Message Reputation, Vulnerability Information, Threat Intelligence Feeds, Other feeds & analysis. Protection: Email, Firewall, IPS, DLP, Web, AWL, ePO, AV across Servers, Firewalls, Endpoints, Appliances, Mobile. Actionable Information and Security Metrics: ePO, with DLP, Web, IPS, SIA, Endpoint, WhiteListing, Encrypt., Risk Mgmt, Email, Firewall]
Security Optimization
Security Management Platform: ePO
[Diagram labels: Executive, Security Admin, IT Architect, Security Management Platform]
McAfee’s Open Platform for Security Risk Management
Industry Leadership to Drive Better Protection, Greater Compliance and Lower TCO
[Partner logos: SIA Associate Partner, SIA Technology Partner (McAfee Compatible)]
Cost Model of Enterprise Security
[Chart: Risk against Optimization]
• Optimized: spend ~4% with very low risk
• Compliant/Proactive: spend ~8% of IT budget on security, medium risk
• Reactive: spend ~3% of IT budget on security, high risk
Why has it been so challenging to reduce risk?
• DYNAMIC: Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for response.
• Tools Based: Applying tools and technologies to assist people in reacting faster
• REACTIVE & Manual: People only. No tools or processes. “Putting out fires”.