SonicWall's Medeiros: Five Security Takeaways
Facebook and malicious attacks that can enter a network at any point are here to stay, so the security industry needs scan everything that comes in and goes out of their networks -- no exceptions, said SonicWall CEO Matt Medeiros, speaking at a Churchill Club panel in Palo Alto, Calif. Thursday night.
Medeiros along with co-panelists Dan Glessner, vice president of enterprise marketing for Trend Micro; Willie Jow, vice president of business operations and mobility products for Sybase; Kenneth Silva, senior vice president and chief technology officer for VeriSign; and Adrian Turner, president and CEO of Mocana all weighed in on the impact of Facebook and social media on corporate security, the evolution of targeted attacks and security in the cloud.
The following are five takeaways Medeiros hoped to leave his audience.
1. Leave No Stone Unscanned
If there was one pearl of wisdom that Medeiros wanted to impart to the audience, it was that end users needed to do a much more thorough job of scanning any and all files that come into and leave the network -- a theme that Medeiros wove into every aspect of the panel discussion.
Medeiros said that all too often, end-users failed to scan files for malicious packets, citing reasons such as complexity, inadequate infrastructure, and lack of time and skills, or they chose to focus scanning data related to particular areas covered by the network, such as corporate headquarters.
However, scanning selectively often results in gaping security holes that enable malware and viruses to infiltrate the network and ultimately access everything, Medeiros said.
"I think the most important thing I'd say is scan 100 percent of your data. And that's not happening today. The majority of companies today don't scan all of their data. They say 'my files are too large, my security system doesn't meet this protocol, it's just too complex therefore I'm going to do it where it's most important.' Usually that's at corporate headquarters, right? Well it's too late, it's too late," Medeiros said. "So scan 100 percent of your data. There should be no exception."
2. Companies Usually Don't Know What Hit Them
Medeiros emphasized that the perimeter of the corporate network has been all but obliterated. The upsurge of mobile devices such as smartphones and laptops in the workplace coupled with a workforce that is becoming increasingly more remote, has served to completely transform most companies' IT environments from what they were just a few years ago. The transitory workforce and porous network have also opened up a slew of security holes that have left many company executives puzzled as to how resolve the problem. And most companies don't know what they don't know, Medeiros said, adding that IT staff are usually only aware of a small fraction of attacks occurring on in their network.
"The threat is for enterprises, they really don't understand what they have to do to maintain that level of productivity and secure it properly," he said. "There are a lot of attacks that no one knows what they have taken. These (hackers) are operating in stealth mode, so I think it's important to be very clear, it's very fair to say that companies are deploying excellent security processes today, and unfortunately things are still happening in their network. People don't even know they're hacking in."
Next: Facebook And Work: The Train Has Left The Station
3. Facebook And Work: The Train Has Left The Station
It's no secret that explosion of social networking users is one of the driving forces inadvertently propelling the massive pervasion of malware and botnets. Many of those users are surfing Facebook, clicking on links, checking personal e-mail and utilizing various apps during work hours or on work issued devices, potentially exposing the corporate network to malware. But during the panel discussion, Medeiros told the audience to deal with what is, not what they want it to be. Because of user demand, employers have no choice now but to allow their employees to use work-related computers for personal business as well. And there is no stopping this train, he said.
"It's already left the station. All of us believe that we're going to have this pure world, don't let anybody do any personal work on a computer or server that my company own, I guarantee you my company's productivity will go down," he said. We in the security industry have to find a way to deal with that phenomenon and I think it's our responsibility to get there."
4. Don't Expect The End Users To Figure Out Security Themselves
During the discussion, panelists weighed in on the age-old debate between security technology versus education. Is adequate security incumbent upon technology companies or the end users? Medeiros emphatically said that the security industry has to do a better job of scanning files and securing ports than it does today. And that security, he said, shouldn't impede the end users' productivity.
"I don't want to describe it as only the end user. I think the industry has to do a far better job and certainly this is challenge that we face everyday," he said, citing the example of an employee who was adhering to best security practices but got tagged with a malicious file on Facebook. "Now as a user, did I do anything wrong? I did everything right. I'm trying to create productivity for my company. We as an industry have to educate. We have to do a much better job of making sure we're building some pretty sophisticated technology," he said. "Users can't be asking themselves every time 'what am I doing and how secure am I?"
5. Channel Partners -- The Antidote For SMB Small Budgets/Staff
During the discussion, panelists agreed that despite the skepticism, Security-as-a-Service or cloud-based solutions provided SMB's with comprehensive security coverage, especially if they had limited or non-existent IT staff.
That might be true, Medeiros said. But SMBs also had the option of relying on an extensive network of channel partners with a wealth of expertise and solutions at their fingertips. Subsequently, channel partners could supply SMBs with a ready-made portfolio of security products and services that including scanning and monitoring their network.
"We have a network of people who are out there as censors, and all of a sudden they're seeing something happen in their network and they're providing that information immediately to this grid of 1.5 million install base solutions out there, and the level of protections are happening much faster by the social medium of this grid, rather than one person sitting there saying 'oh, something just happened, I got to figure out what the heck to do now.'"