Ng Chong Seng's Blog
Ng Chong Seng male Deputy Editor
Ex-writer turned marketer turned writer again, Chong Seng is fascinated by all things tech. He loves lambs, and avoids semicolons.
Has your company’s IT department recently issued you an Apple iPhone (or an Android phone, for that matter) as a work phone, after years of decreeing RIM’s BlackBerry? Or gave the go-ahead for your personal smart device to access the corporate network? Lucky you.
While the idea of consumerization at the enterprise isn’t new, the growing popularity of personal smart devices especially in the past three years has hastened this pace, with increasingly more companies (at times, under great pressure) adopting BYOD (bring-your-own-device) policies.
As an employee, it may be difficult to see what the brouhaha is all about. I remember a friend who saw his request to use his own laptop at work turned down saying this to me, “Here I am, trying to be more productive and responsive, and the company rejects it.”
To be fair, I believe the IT department knows the advantages of allowing the staff to use their own devices—devices that they feel comfortable with, and are attached emotionally to. But as Trend Micro’s CEO Ms. Eva Chen expressed at the recent CloudNext APAC media conference, it becomes tougher when you’ve to factor in the number and variety of consumer-grade apps and cloud computing services out there. Social media platforms like Facebook and Twitter, cloud storage services like Dropbox and iCloud, VoIP and video chat apps like Skype and FaceTime—these are just the tip of the iceberg.
From Trend Micro’s point of view, having a formal BYOD policy is just the beginning; companies should also think about how their employees use their devices, so as to better prepare themselves from other security risks, such as data loss via consumer apps. As Ms. Chen aptly put it, the difficulty businesses face in the light of consumerization of enterprise mobility is in finding a solution that balances their need for control, and the staff’s need for freedom.
For businesses looking for a robust mobile device security management solution, Trend Micro has it in its Mobile Security 7.1. In short, it marries cloud-based security enforcement with mobile device management (MDM) capabilities. And it manages and secures the most popular mobile platforms today, including Apple’s iOS, Google’s Android OS, and RIM’s BlackBerry OS. A hosted MDM solution is also coming in the second half of this year.
The Journey to the Cloud is Arduous
Looking at the company’s slogan—Securing Your Journey to the Cloud—it’s should come as no surprise to anyone that the cloud is one huge area of focus for Trend Micro. After all, the company has gotten into it early, and is now a recognized leader in virtualization and cloud security solutions.
In the past, when we talked about endpoint security, we really meant Windows PC (be it desktop or laptop) security. This is no longer the case now; threats in this post-PC era can come from mobile devices, and terminals you don’t really see in front of you, such as virtual servers. Furthermore, data is constantly on the move when it’s on the cloud. As such, Trend Micro argues that perimeter defense (that is, an outside-in approach where by you try to block threats from entering the network) is no longer the best approach when devising security solutions.
To protect data in transit and well as data stored on a variety of devices, an inside-out approach is recommended. And the crown jewel in Trend Micro’s vision of a smart, data-centric security framework is its cloud-based Smart Protection Network (SPN). Simply put, it’s a cloud infrastructure designed to block the latest threats before they reach you. It uses a mixture of cloud-based file, email, and website reputation technologies that correlates with local threat intelligence for a smarter security. Omni-present in many of Trend Micro’s solutions and services, it typically works in conjunction with lighter-weight clients. According to Trend Micro, the SPN processes more than 45 billion URL, email and file queries each day, and 5 billion threats are blocked every day.
In August last year, Trend Micro released Deep Security 8.0, a platform for securing physical, virtual, and cloud computing environments. It’s touted as an integrated solution that consists of anti-malware, firewall, IDS/IPS (intrusion-detection and prevention systems), Web application protection, integrity monitoring, and log inspection. For the uninitiated, Trend Micro has been cooperating with virtualization leader VMware for many years now, and the former’s Deep Security has now integrated with VMWare vShield Endpoint APIs to do agent-less file integrity monitoring. This is certainly timely, considering the constant pressure to lower operational costs by increasing VM (virtual machine) density per server.
Competition in the VM security space is certainly heating up. Various big-name security vendors have started to partner with VMware to offer security solutions, such as Kaspersky’s Security for Virtualization, McAfee’s Management for Optimized Virtual Environments, and Bitdefender’s Security for Virtualized Environments. When asked about whom she sees as Trend Micro’s competitor, Ms. Chen answered ideologically, “Our real competitors are the hackers and the threats.”
On a related note, for those looking to encrypt and protect data on VMs, public, and private clouds, check out Trend Micro’s SecureCloud.
The New Three-letter Buzzword
In the past, you knew you were attacked when hackers made their messages known. Today’s attackers are stealthier, and many are driven by monetary gains. Using increasingly innovative attacks designed to circumvent traditional security measures such as firewall and IDS/IPS, and carried out in a patience, coordinated manner, often with very specific objectives (e.g. stealing of sensitive data), APT (advanced persisted threat) is the security buzzword at the moment.
The most common strategy an attacker employs is ‘spearfishing’—that is, targeted phishing. Think of it as a form of social engineering that’s tailored for specific individuals. Often based on stolen personal information (or information publicly available on social networks) to craft the attack, the aim is to fool the target to provide sensitive information, or in the case of an email, open a malware-infected attachment. Most of us know the rule: Don’t run an executable attachment without verifying if it’s legitimate. But what if it’s a PDF, Word, or Excel document? According to Trend Micro, 70% of malicious attachments are such types of files.
Once access is granted, a back door is established; the attacker would then move laterally across the network, infect more machines, and install more backdoors along the way. The basic idea is to gain intelligence to accomplish its mission, such as credentials to servers with sensitive data. Of course, the last step is to ex-filtrate this data.
It’s pretty obvious that the increasing sophistication of targeted attacks is rendering parameter defense obsolete as each day passes. What can a firewall do, when the attack is launched (unintentionally) by someone inside the network?
For Trend Micro, the solution is to have a system to ‘connect threat intelligence with inside network visibility’. In layman’s parlance, it’s to have a way to detect for human attacker activity inside the network. The Smart Protection Network is great, but won’t it be nice if the management and analysis functions can be done on-premise? Well, enter Deep Discovery, Trend Micro’s latest threat management solution. Available as a standalone appliance or as a virtual software appliance, it’s designed to combat APTs and targeted attacks, using advanced malware detection and event correlation across every stage of the attack sequence.
While Trend Micro agrees that humans are the weakest link in any enterprise’s security strategy, the company also feels that the most important thing a company can do to protect itself is to empower its employees. And we agree. Just like how empowering employees to BYOD can result in increased productivity and mobility, employees who are informed and trained will also help to mitigate a lot of above-mentioned security risks.