OK, so next time I have to remember to leave enough time to take a decent lunch. I had to miss a vendor presentation because I didn’t schedule myself a lunch break. Now it’s back on pace with the 1:10 panel discussion – the future of endpoint security. So what is the first thing I tried to do when I got back – you guessed it, hop on the WiFi. Either it’s down, the room I am in has poor reception, or someone is having fun with it, but in any case I can’t connect. So I had to write this offline and I will have to post it as near real time as I can. One of the things I noticed while troubleshooting was one hell of a lot of “mobile” wireless access points (phones, MiFis, etc.) with WEP encryption. If I was being bad I would have a list of available hotspots to use.
Now to the discussion: Endpoints = everything from servers to mobile devices.
Monoj Aple – Zscaler
Doug Bowers – Symantec
Bret Hartmand – Cisco
Mobility, Cloud and Servers – Bret refers to his son jailbreaking an Android phone – OK, he already lost credibility in my book. Then goes on to talk policy, carriers will get involved (jokes made about the Cisco guy saying security is going to the network).
Protect information on the devices – Doug.
Moderator: How is the network capable of protecting the endpoints when most threats are at the application level? – Bret’s response: 1. Everything runs over the network and 2. Can funnel traffic to a policy enforcement point. Monoj: It’s not one carrier’s problem; it has to be handled by other devices/solutions. Doug: Mobile devices are being brought in and they are surprisingly harder to manage. Doug sees it splitting into 2 parts: 1. those directly managed (i.e. corporate machines) and 2. BYOD (key here is to protect app and data), which has less management than typical systems. BYOD still needs to have an app installed. Rest of panel saying it really has to be one solution, no separation of BYOD and systems. Bret – if we rely on something installed on the device – can you control it and is it there (think Bit9)? It can be circumvented.
Moderator: Open the Apple/Android debate. Doug – the greater the adoption, the greater the ever-increasing threat landscape. Can we lock them like Bit9 and the other vendors? Doug: it’s a tool in the toolbox but there is still need for others – on its own it isn’t good enough. Bret: been doing security for 30+ years, “end point security keeps getting worse”. Monoj: just something as simple as browser exploits is still seen as a big problem.
Moderator: If we have BYOD but can’t be sure about the devices (sampled bank fraud aspect), do we just assume it is a dirty device and should we treat all of them like that? Doug: we are going to have to take consideration from various systems – device context – where is the device, and factor that into what we secure it with. Monoj: company can be liable for what happens from/to device.
Moderator: NAC controls – how do they play in? Bret: many vendors have solutions for making complex NAC installations easier to manage.
Moderator: What one control/technology/approach for securing endpoints? Doug: context, and using the context in conjunction to focus on tightening down protections. Will always have more risks than we can deal with, must manage which ones we address. Not one answer as far as product – lacking CISO level view. Bret: echoes context concept. Software defined networking space (enclaving?), virtualization as trend. Would like to see stronger assurance of trust – feasible now. Confidence is key. Monoj: again echoes context (who, devices, where, when, etc.). 3 part solution: 1. Part to endpoint guys – getting the endpoint to access an enforcement system. 2. Protecting the network and behaviour analysis – app level focus. 3. Enforce the vendors to be more concerned about corporate needs. (Don’t buy crappy stuff – my take on what he is saying.)