In an exclusive interview with IT in Canada, Candace Worley, SVP and GM for the McAfee Endpoint Security Business discussed cloud security, cyber crime, and what businesses can do to keep themselves and their data protected.
IT in Canada: Why are so many businesses prone to cyber attacks today?
Candace Worley: I think there are a couple of reasons for that. Firstly, many businesses have a very heterogeneous environment. That could mean that they have multiple types of devices, many different operating systems, spanning from Windows to Apple, Android or Linux. They could have different versions of these operating systems, dependent upon the application, whether that’s a server, desktop or phone. This adds complexity to that environment.
When you add the application population that corporations are dealing with, and the need to manage updates and patches for (them), the introduction of corporate networks and personal devices, the level of complexity has grown exponentially. It creates a very multi-dimensional surface that those organizations are required to secure and maintain. Complexity, to a certain extent, is the enemy of security, in that the more complex the environment is, the more difficult it is for the IT organizations to plug every single gap.
Added to that is the fact that we’re now dealing with bad actors (hackers) who are equally sophisticated and in some cases, are better funded than some organizations. They are leveraging highly educated and capable individuals in the development of those attacks. It’s gone from being a world where bad actors are opportunistic and playing for fun to organized business and that makes a big difference in terms of that adversary that you’re attempting to secure against.
ITIC: Why have cloud-based applications and mobile devices been susceptible to cyber attacks?
CW: Cloud-based applications have become more pervasive in certain areas. I think many corporations are still deciding how they’re going to move more dramatically or aggressively into the cloud. From a mobile perspective, we have seen some mobile malware, but it’s certainly not as pervasive as malware attacks on traditional devices. Will that change over time? Absolutely. I think that attacks generally follow the money. With as many people transacting on mobile devices today as they are as it relates to bill payment and purchasing online, we will see an increase there. To date, given the pervasiveness of those devices, it’s actually not been nearly as aggressive as it might have been.
ITIC: How have McAfee’s new releases provided better protection for the cloud?
CW: We’ve had a pretty prescriptive approach to data centre security. We have a number of applications that translate very well to cloud infrastructure. They feature application control, which enables the ability to lock down a server-based environment. We introduced technologies like our McAfee-optimized virtual environment, McAfee MOVE, about four years ago. It was created solely with the intent of securing virtual environments, many of which are based in the cloud. It allows you to gain all of the advantages of the cost reductions you get by moving to cloud computing and virtualization, but allows you to continue to get maximum density while you have security present.
We’re also working closely with Intel, our parent company, as it relates to how we can leverage hardware to better secure virtual environments and cloud infrastructures. They have a number of technologies included, such as Intel TXT, their trusted execution technology, which allows you to attest to the degree of the hypervisor at boot with boot attestation. Things like that will be critical in allowing customers to get more confidence about moving to a more aggressive cloud adoption position.
ITIC: Why are more businesses shifting to the cloud model?
CW: I think a lot of it relates to achieving operational efficiencies. Certainly, if you’re leveraging cloud infrastructure, you’re probably reducing the capital expenditure that your corporation is spending on setting up its own data centre. There is a balance there between the cost of paying someone else to manage that infrastructure and setting it up yourself, but companies today are doing that analysis as a trade-off. I think the other part is companies are highly distributive. Many organizations have offices all over the globe, let alone all over a certain country, and that ability to place applications or infrastructure at the cloud level and have it be easily accessed, regardless of the physical location of the device or the individual needing access, is an extremely attractive prospect. It’s a very distributive nature of businesses today. The world has gone flat for all intensive purposes, and the cloud enables consistent access to data and applications, regardless of the physical location.
ITIC: What kinds of cyber crime pose the biggest threat to businesses?
CW: Identity and PII theft have been a major issue. Some of the incidents we’ve seen over the course of the last nine to 12 years really highlight the fact that bad actors are no longer after taking down the device. If the device is not active, then information is not flowing through it. The goal with the corporation is the information and data that’s flowing through that network and crossing those devices and applications. It could be credit card or banking information or intellectual property. If it’s more at a nation state level, it’s government or military information on the actions of a country. Businesses and organizations are being targeted specifically for the information that courses through the veins of its network.
ITIC: What steps can businesses take to ensure the security of their cloud and mobile devices?
CW: Wrapping security around data is a critical first step. If data is essentially the currency that people are after when they hack into an environment, encrypting that data and wrapping applications like data loss prevention and full disk encryption around the device and the data are a really important first step. If that data is encrypted, someone who is really good can figure out how to get to it, but it’s going to be a whole lot harder. It’s probably easier just to move down the street and pick on a company that hasn’t encrypted that data yet.
Second is constant monitoring. Diligence around the security policy that you have in place has actually been applied, and then monitoring it through constant stability via a management infrastructure that your security is still in place, is still current, and hasn’t been deactivated either by malware or an unintentional act by an end user. Often times, end users will turn something off, they’ll store data in an inappropriate place not necessarily because they’re malicious, but because they just think they’re getting their job done faster. It’s amazing what an employee will do in the service of really trying to do a better job for the company, and they don’t necessarily think about the security implications of that act.
ITIC: What are McAfee’s future plans for cloud-based security?
CW: We’ve actually had SaaS solutions since around 2001. We introduced an endpoint fast technology that provided the ability for you to run a small virus-scanning agent at the endpoint and manage that through a cloud infrastructure. We continue to expand those capabilities today. We have email and web via the cloud and additional technologies that are beyond AVs that are available for management of the cloud at the endpoint. We will continue to work with Intel around how we can leverage hardware of trust to help companies become more comfortable as they move additional computing and data assets into the cloud, they can be assured of the integrity of the underlying infrastructure, as well as the applications and data that reside on that infrastructure. Many of those technologies are available today, and many are also on the roadmap to further expansion of that security solutions set in the future.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…