Christopher Young, head of security at Cisco, emphasized the importance and power of the network in his keynote speech on the second day of the RSA Conference.
Information
security professionals are faced with two difficult questions when trying to
secure the network. They can either lock down the network, or free up the
technology, according to Cisco's newly appointed head of security.
The bring-your-own-device
(BYOD) trend and the consumerization of IT pose significant challenges to the enterprise.
While many security professionals want to lock down the network and prevent
employees from using non-approved devices to access data or applications, it is
not always possible, Christopher Young, the head of security at Cisco, said
during his Feb. 29 keynote speech at the RSA Conference. Organizations are
increasingly worried about the prospect of a cyber-attack compromising their
data, and allowing employees to use any device for work purposes expands the
potential risk.
"We're torn between these two extremes," Young said.
Locking down the enterprise infrastructure doesn't guarantee
security any more than opening it into a free-for-all, as employees have no
qualms about breaking the rules when it is not convenient to follow them.
Security is often too cumbersome and complicated for the average user who
winds up going to great lengths to bypass security in order to do their jobs,
Young said. In a recent survey, 70 percent of employees admitted to breaking
company policy, Young said.
This tendency
was in evidence even among the technically savvy and security-conscious
audience at the RSA Conference. The conference organizers deployed a secure
wireless network that used digital certificates to authenticate devices onto
the network. People lined up at the wireless help desk for assistance in
getting online connectivity on their smartphones, tablets and laptops. And
there were even more people not bothering with the secure network and trying to
connect to one of the free wireless hotspots, said Val Rahmani, CEO of
Damballa.
Administrators
are also constantly second-guessing themselves. In the struggle to come up with
the right decision, security professionals compromise their own efforts, Young
said.
"We have to have both. We need to have our cake and eat it, too," Young said.
The way to
have both is by unlocking the power of the network, according to Young. The
network is uniquely equipped to deliver security in a way very few technologies
can, he said. The network is what collects the data about what users are doing,
what data is being accessed and what the systems are transmitting. The network
sees all the users, devices, applications and systems, as well as the
interactions between the components, Young said. All this is available in real time,
he said.
This is
why the firewall is still important, as are virtual private networks and
secure wireless networks, Young said.
It is not
possible to expect administrators to physically manage every kind of device
every day. As a dizzying array of mobile devices floods into the network,
administrators will need to rely on the network for information about what
device is connected, where it is connecting from and what it is doing,
according to Young.
"The network allows you to lock it down and free it all up," he said.
Cisco
estimates that by 2016, there will be 8 billion smartphone devices globally,
and desktops will be delivered on the network to whatever device the user is
using at the time, Young said.
Rahmani said
there should be less worry about the exact device that is being used. At the
heart, every device is essentially just an IP address, so the important thing
is to make the network secure, she said.