With a high level of upheaval in the IT sector, technology environments have become increasingly heterogeneous, and enterprises have been forced to grapple with a more complex and menacing landscape. To support secure business processes and guarantee the protection of sensitive data, information security must now evolve.
The changing IT environment and security inflection
The IT environment has been undergoing an ongoing and dramatic growth spurt. An increasingly heterogeneous environment and an explosion in the scope and number of threats have increasingly rendered traditional security models ineffective. The old mainstays of firewalls and antivirus solutions that were once adequate providers of security protection to the network infrastructure have been relegated and are now antiquated methods of protection that need to be updated and supplemented by a new generation of information security solutions.
In a nutshell, the main drivers of this large-scale transformation are mobilisation, externalisation/collaboration and consumerisation. Mobile devices and the mobile Internet have enabled people to work outside of their offices, blurring the distinction between internal and external access to resources. In particular, distinguishing between “us” and “them” (with regard to malicious forces) has become more difficult. The increasing ubiquity of consumer devices and applications has increased the number of protagonists operating in the sphere and has therefore increased the overall level of risk.
This implies that trust is no longer binary and that all entities are potentially hostile. For the chief information officer and the chief risk officer of a company, traditional static security policies are flawed and not capable of addressing a company’s evolving business demands.
In addition to these factors, virtualisation and cloudification are two other key factors that must be considered. With the upheaval that new technologies have wrought, information security has been forced to quickly evolve, and must now support virtualisation and cloud-based computing.
The previous incarnation of IT infrastructure-based security policy that had been used to describe the network and information security of a company’s business environment is incapable of detecting and describing who, where, and how in a virtualised, cloud-based environment. Enterprises need effective security policy enforcement that is able to describe the network and information security of an environment that mimics their actual business infrastructure.
Context-aware security solutions
The security concerns of enterprises have shifted from defending against external threats to the management of business-related content, identity and application awareness. In 2006, top ranking security issues included anti-virus, external attack protection, anti-malware and spam filtering. In 2010, these have been replaced by application vulnerability assessment, data protection in a mobile access environment, visitor identity and role management, content monitoring and information leak prevention.
Enterprises need to better understand the security environment around them so that they are able to make effective security policy decisions, and this calls for context-aware information security solutions that can inform about content, identity and applications. According to Gartner, by 2015, 90 percent of enterprise security solutions purchased will be context aware, up from 10 percent at the end of 2009.
Looking at the network and information security solutions available on the market today, the majority of security products are still not context aware. As Gartner estimated, only by 2015 will a significant transformation to context awareness have taken place. For now, the question remains: How are information security solutions currently evolving to incorporate context awareness?
Content, identity and application awareness are part of a shift to a context-aware security infrastructure that will effectively operate by helping enterprises make security decisions that allow or deny individual actions. For example, a context-aware security infrastructure would be capable of detecting whether a certain entity (content, identity, and application) should be allowed to execute a certain action (open, read, write, execute, etc.) on a certain entity (content, identity and application).
Leading information and network security vendors such as Huawei Symantec have begun to add content, identity and application awareness to their security solutions. Huawei Symantec’s next-generation firewalls are able to serve as access control beyond the level of infrastructure ownership.
In addition, controls over appropriate and inappropriate access to resources will be based on content, identity and application awareness. Security decisions will be made at the information-centric level by allowing or denying actions such as whether or not a specific user is permitted to use a specific application to access data in a company’s network.
The future of information security is context awareness. In this regard, enterprises need next-generation network and information security solutions that are future-proof and fully capable of evolving to support rapidly changing and increasingly complex threat and business environments.
By Shabir Satar, product manager for Huawei Symantec.