Light Reading

AT&T's Amoroso: Perimeter Security No Longer Enough

Ray Le Maistre
6/12/2014

The days of networks being adequately protected by "perimeter" security infrastructure are over, according to AT&T Chief Security Officer Ed Amoroso.

In a special video presentation recorded by AT&T Inc. (NYSE: T) for Light Reading's recent Mobile Network Security Strategies event in London, Amoroso provided a detailed insight into the different stages "we're going through as a community -- a mobility community, telecom community, and as users."

In the past, perimeter security that was built using devices such as firewalls and intrusion detection systems "sufficed," and served us well as a community, notes the AT&T expert, but in those days mobility wasn't an issue.

The mass use of mobile phones led to the concept of network-based security, though this was initially driven more by the exploits of "advanced hackers" breaching perimeters and "being able to muck around with things inside the enterprise." This resulted in security strategies that involved thwarting attacks before they reached the edge of the enterprise network.

Now we're in a new phase, says Amoroso, where mobility-enabled cloud is enabling user-defined services for individuals and companies, and "mobility is how we breathe life into that." And the key issue now is "how can we not be a tether" -- there is no point in constraining smartphone users and tethering them to the enterprise if perimeter security strategies are no longer working, he states.

AT&T's Ed Amoroso has a firm grasp on the security challenges faced by mobile network operators.

As we enter the era of the mobility-enabled cloud, the technologies that will be important, and which will enable user freedom in a secure environment, are:

  • Encryption: "Why not encrypt everything?" asks Amoroso. That comes with the burden of getting public key infrastructure and single key infrastructure correct, but "that's very difficult to do."

  • Containerized technology: Enabling secure authorized access whereby a "session" protects the integrity of an access (for example, an employee accessing an online paycheck stub) and then provides the ability to wipe data from a device once it has been accessed and used, so that evidence of the session no longer exists on the device.

  • Proxy: A mediation layer between the cloud and users, where certain types of things can be mediated. Amoroso certainly believes denial of service should be included in that proxy.

  • Run-time virtualization: This is probably more important than anything, believes Amoroso. As you virtualize an entity into the cloud -- an app, for example -- then you need to virtualize security in a virtual environment, not try to protect it with old-fashioned security devices. The idea that network operators will dynamically provision security along with the other objects that are being provisioned into the cloud is "really exciting," says the AT&T security chief.

"Put all those things together and I fundamentally believe you can protect the mobility-enabled cloud environment better than we can protect information inside perimeters today," proclaims Amoroso. "That's a controversial statement… [but] -- there will be those that believe compliance is most important but we need to get everyone on board here -- perimeter is not working today, advanced persistence threats are making their way through, denial of service attacks render edge computing difficult to maintain."

He adds that embedding security into the object's run-time systems is something "we hope that compliance officers and regulators will become comfortable with, because the whole idea here is to make computing safer. It's not about checklists -- it's about using the checklists to make computing support the different missions that are important to all of us. That's our vision for the future -- this futuristic prediction that's becoming real now, going from perimeter, through network-based, to a mobility-enabled cloud where we feel more comfortable pushing our information out into something more ubiquitous and more separated and hopefully protected by run-time virtualized security functionality."

Amoroso goes on to discuss further mobile cloud security and analytics issues with his colleagues Gus De Los Reyes, executive director, security R&D at AT&T, who runs the security research group, and executive director of technology security Brian Rexroad. Find out what they had to say, and see the full presentation by Amoroso by watching the video, AT&T's Ed Amoroso on Mobile Security.

You can also find out what else happened at the Mobile Network Security Strategies event in London by checking out our dedicated industry show site.

— Ray Le Maistre, Editor-in-Chief, Light Reading
