Technically Secure
mrothschild

Let’s See the Forest and the Trees

by Juniper Employee on ‎01-19-2009 09:40 AM

Pick up any security magazine....it's ok, I'll wait....

 

Stories abound about the latest worm, identity theft, targeted attacks and other "James Bond-ish" types of attacks that have claimed their next victim. Don't get me wrong, all of these things happen with astounding regularity, but there are times, such as now, when we need to take a step back to the basics.

 

Our employees are our biggest asset, but they can also be our biggest security risk. Every day, confidential information walks out the door when employees bring thumb drives, laptops and in fact their brains, home. In most cases, it comes back in the next day when employees return to work. But what happens when it doesn't? PCs get stolen, thumb drives get lost, and people talk - sometimes divulging proprietary information that they shouldn't. And this puts organizations at risk.

 

In efforts to stem the incidents of viruses, Trojans, worms and other bad things that can infiltrate a network, we not only should be investing in gear to secure our network, but we must also invest in our own employees in the form of education. In order to truly stack the deck in the company's favor, it is essential to establish a real and ongoing "in-service" to educate employees on the ways they can help secure the organization from security incidents.

 

Striking the right balance between employee education and purchasing security products is not easy, but is necessary. However, focusing on one without the other can be a recipe for a breach. From a security perspective, investment in the network and employees costs money, but it also pays dividends. And you can take that to the bank.

 

mrothschild

Rear View Mirror Security

by Juniper Employee ‎01-06-2009 06:04 PM - edited ‎01-06-2009 06:05 PM

As we begin 2009, we return to work with the “clean slate” feeling and with renewed vigor to implement our 2009 plans that we have diligently worked on in Q4’08. We have celebrated our 2008 victories and are ready to implement adjustments in course to take advantage of emerging opportunities that will take the company to the next level.


From an IT perspective, one constant planning exercise revolves around security; specifically ensuring the security of applications and, perhaps most important, the security of proprietary information and customer data. Every year, we endeavor to stay one step in front of the hackers by deploying and fine-tuning the right combination of security elements in our networks.


In reviewing the security news events of 2008, the good news is that a lot of highly sophisticated and damaging attacks were identified. The bad news is that the vast majority of cases were discovered after the breach occurred.


The big question is: why do we accept this approach as an immutable law of security? We continue to purchase and deploy security that reports about what has happened in the past instead of what is happening right now. We deploy “rear view mirror security” that empowers us to take action only after the damage has occurred.


In our personal lives, would we ever buy a physical security system that promises to inform us after a thief has broken into our houses and made off with our most prized possessions?

 

In planning our security strategy for this year (and indeed beyond), it is essential to choose security that not only provides a detailed historical view with drill down capabilities, but also a security solution that can identify what is happening right now in order to take action before the damage has been done.  There are lots of options as to whether manual, semi-automatic, or fully automatic actions are taken when a breach is detected. Leading security solutions allow for the appropriate action to be configured based on the threat or type of attack.


Make the resolution now to no longer accept rear view mirror security to secure your most prized asset. Your organization depends on it.

 

To a happy (and secure) 2009!

Message Edited by mrothschild on 01-06-2009 09:05 PM

mrothschild

The Changing Security Landscape

by Juniper Employee ‎11-20-2008 03:29 PM - edited ‎11-20-2008 03:30 PM

This week I was at a partner event talking about security and a person in the audience asked me, "So how do I sell security?" At first blush, this seemed like a question so general that it cannot be answered! Ask me an easier one: "Why is the sky blue?"


Then I got to thinking, selling green is easy, consolidation is cake, virtualization sells itself. Why? Because they have a demonstrable and predictable cost savings. Selling security is like selling insurance. It's hard to quantify, until the unthinkable happens.


As I mentioned in a previous post, security has changed...so much that the unthinkable is becoming more of a reality. I felt so strongly about it that I recorded a 3 minute video to talk more about the changing security landscape and how that insurance policy is not a luxury, but a necessity to every high performing business.


Check it out and let me know what you think!



Message Edited by mrothschild on 11-20-2008 06:30 PM

There are an increasing number of access control products in the typical corporate network.  This includes SSL VPN products for remote access control, and Network Access Control (NAC) for local access control.  The mission of these offerings is to provide access to the network only for authenticated users on secure machines.  At the same time, security products ranging from firewalls to IPS/IDP systems are monitoring the traffic on these same networks, ensuring that network assets are protected from unwanted behavior.  Future security solutions will begin to blend these concepts of access control with end user behavior.  These offerings will leverage not only user identity and posture assessment, but actual traffic on the network, to ensure that authorized users are staying within the confines of corporate security policies.  Coordination of this sort will allow these systems to react dynamically to user behavior.  For example, if an authorized user launched an attack against the corporate data center, an IPS might drop that traffic, providing the protection it was designed for.  At the same time, it would feed information related to the attack into the corporate access control infrastructure, so that action can be taken on that end user's session - quarantine, or session termination, for example. The result is end-to-end threat control and prevention - coordination of network and security elements that ensures that all of the relevant information that these devices are collecting can be used to make the best possible decisions on user access.  With this type of system, the days of siloed security devices are numbered.
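The coordination described above, sketched as an added example (not part of the original post and not Juniper product code): IPS events are matched to authenticated sessions by source IP and turned into a session action. The session table, events, policy mapping and repeat threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data (not from the original post): the access-control
# system's view of authenticated sessions, keyed by the endpoint's IP.
SESSIONS = {
    "10.1.4.22": {"user": "alice", "session_id": "s-101"},
    "10.1.4.37": {"user": "bob", "session_id": "s-102"},
}

# Constructed IPS events: traffic the IPS has already dropped inline.
IPS_EVENTS = [
    {"ts": 100, "src_ip": "10.1.4.22", "severity": "minor", "signature": "port-scan"},
    {"ts": 130, "src_ip": "10.1.4.22", "severity": "major", "signature": "sql-injection"},
    {"ts": 140, "src_ip": "10.1.4.22", "severity": "major", "signature": "sql-injection"},
    {"ts": 150, "src_ip": "10.9.9.9", "severity": "major", "signature": "sql-injection"},
    {"ts": 160, "src_ip": "10.1.4.37", "severity": "minor", "signature": "port-scan"},
]

# Hypothetical policy: the session action each severity triggers.
POLICY = {"minor": "log", "major": "quarantine", "critical": "terminate"}
RANK = {"log": 0, "quarantine": 1, "terminate": 2}
REPEAT_LIMIT = 2  # assumed threshold: repeated major events end the session

def coordinate(events, sessions, policy=POLICY):
    """Map IPS events to per-session actions; return (decisions, unmatched)."""
    decisions, unmatched = {}, []
    major_count = defaultdict(int)
    for ev in sorted(events, key=lambda e: e["ts"]):
        session = sessions.get(ev["src_ip"])
        if session is None:
            # No authenticated session for this source: nothing to act on
            # in access control, so hand the event back for manual review.
            unmatched.append(ev)
            continue
        sid = session["session_id"]
        action = policy.get(ev["severity"], "log")
        if ev["severity"] == "major":
            major_count[sid] += 1
            if major_count[sid] >= REPEAT_LIMIT:
                action = "terminate"
        # Keep only the strongest action seen so far for each session.
        if sid not in decisions or RANK[action] > RANK[decisions[sid]["action"]]:
            decisions[sid] = {"user": session["user"], "action": action, "reason": ev["signature"]}
    return decisions, unmatched
```
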

Since we are right in the midst of the presidential race where everyone is talking about "change", it looks like I too have been influenced and have spoken about change; specifically the changes in security threats that organizations must come to terms with. I would be remiss in not discussing in this installment the quantum changes that we have seen in the financial markets and what this means from a security perspective.

 

The financial turmoil that has seemed to envelop the world's economy can be seen clearly on the faces of financial services employees as I pass them on the street down in New York's financial district. As the stock market swoons and dips (and dips again), once-mighty financial giants are unsure of their short-term viability, let alone long-term viability.

 

And while these wild market gyrations continue to unfold, the CIO is also faced with the monumental task of continuing to ensure security of the network, applications and users while it appears that Rome is indeed beginning to burn.

 

The security threat is not from where you may think. As workers at the financial institutions begin to lose faith in their organization and feel that their job may be at risk, the time is ripe for confidential data to leave the organization. Moreover, for an entire industry in "meltdown mode," the insider threat is gaining new attention as the incidents of employees committing a security breach are on the rise.

 

While most employees may not intend to create a security breach, there are always those few "bad apples" that find this to be the best time to harvest information (maybe for their next job or for retribution against a perceived injustice that the organization committed).

 

Whatever the motivations, CIOs must realize that given the current economic crisis, they must turn to comprehensive security that is able to look at potential threats inside their perimeter. They must be able to root out sophisticated and stealthy attacks that are designed to evade traditional security solutions, because who knows the organization's security better than one's own employee?

 

All financial investing has some inherent risk (as we are painfully aware), but in this unsure economic situation it is essential for the CIO to recognize the security risks and plan a careful strategy for maximum protection.

In my last post we discussed a shift in the types of attack vectors that organizations have experienced, which results in a major security gap that organizations must come to terms with. But this is not the only change that makes organizations more vulnerable to a potential security breach. Regardless of an organization's charter, its greatest asset is its information. Whether it is a patented idea, customer data, or confidential roadmap, information is the single most important asset which determines if a company will prosper, eke by, or fade into oblivion. So if information is our greatest asset, why don't we better protect it?

 

When I go on customer calls, one of the first things I do is open my laptop and do a network scan. Most of the time, I can hop onto the network and gain full access without being challenged. I have full rights, full rein and the proverbial carte blanche to do as I wish. But don't think that this is an aberration. TJMaxx, UBS and Best Western all share the common bond and they are just a few organizations on a very long list of companies whose data has been stolen.

 

Hackers today can do more damage with a keyboard than a gun. Whether they sell confidential corporate information on the black market or commit identity theft, the motivation is financially based and can be highly lucrative.

 

Beyond soft targets, we also have sleeping sentries. A recent Verizon study noted that 63% of the organizations studied took MONTHS to find that a breach had occurred. This is long after the damage has been done and is too late to mount a meaningful defense.

 

The motivation for hacking has evolved from breaking into websites to gain notoriety to a potential financial windfall for using or reselling confidential information. The sooner we mount the right defense to address this new reality, the better chance we have for ensuring that our organization is not on the front page of the Wall Street Journal for all the wrong reasons.

About Technically Secure
Welcome to Technically Secure, the Juniper Networks blog dedicated to trends and innovation in the world of IT risk management and security. Here we'll offer technical perspectives on network security, covering things happening within Juniper Networks as well as issues across the industry as a whole. Our mission is simple: explore ideas, share information, and provide insight that will help you take a proactive stance on threat and risk mitigation.

Our primary objective is to explore technical IT security issues as business and technology challenges that could compromise the effectiveness of enterprises and service providers. We'll share our strategies for staying ahead of today’s rapidly changing threat landscape and focus in particular on innovation in network security technologies.

We’ve assembled a great team of bloggers to kick off these conversations with you, but we encourage your participation. If there's a topic that you'd like us to cover, let us know by commenting on the blog. We’re not just talking — we’re listening.

Our Bloggers

Krishna Narayanaswamy,
Distinguished Engineer


Krishna is a Distinguished Engineer in the Service Layer Technologies group at Juniper. He is currently working on DPI technology initiatives in products targeted at service providers and enterprise markets.

Krishna has 19 years of experience in data networking involving Ethernet, ATM, IP, Switching and Security technologies. He has authored 10 patents in the areas of switching, security and QoS. He was actively involved in the IEEE 802.1 and ATM Forum standards committees.

Prior to Juniper, he was the co-founder and System Architect at Top Layer Networks where he played a pivotal role in bringing multiple products to the market. He has also held senior engineering roles at Digital Equipment Corporation and Fore Systems.

Michael Rothschild,
Senior Manager
Solutions Marketing


Michael Rothschild is the senior manager of solutions marketing at Juniper Networks, responsible for security solutions for the enterprise.

When he’s not busy helping customers understand the importance of a solutions focus to address the new security threats affecting business, Michael is a professor of marketing and volunteers as a paramedic.

Lior Cohen,
Solutions Architect


As a Solutions Architect and Leader of Enterprise Solutions Engineering at Juniper Networks, Lior Cohen is responsible for developing reference architectures and best practices utilizing Juniper products. In his free time, Cohen enjoys mountain biking and spending time with his children.

Rich Campagna,
Senior Product Manager


Rich Campagna, Senior Product Manager in the Access Business Group at Juniper Networks, is responsible for driving the business strategies, product development, partner interactions and customer engagements to help drive the growth of Juniper Networks' Unified Access Control and Secure Access SSL VPN solutions. Rich is also an avid snowboarder and motorcyclist (not at the same time).

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.