& cplSiteName &

AT&T's Amoroso: Perimeter Security No Longer Enough

Ray Le Maistre
6/12/2014
50%
50%

The days of networks being adequately protected by "perimeter" security infrastructure are over, according to AT&T Chief Security Officer Ed Amoroso.

In a special video presentation recorded by AT&T Inc. (NYSE: T) for Light Reading's recent Mobile Network Security Strategies event in London, Amoroso provided a detailed insight into the different stages "we're going through as a community -- a mobility community, telecom community, and as users."

In the past, perimeter security that was built using devices such as firewalls and intrusion detection systems "sufficed," and served us well as a community, notes the AT&T expert, but in those days mobility wasn't an issue.

The mass use of mobile phones led to the concept of network-based security, though this was driven more initially by the exploits of "advanced hackers" breaching perimeters and "being able to muck around with things inside the enterprise." This resulted in security strategies that involved thwarting attacks before they reached the edge of the enterprise network.

Now we're in a new phase, says Amoroso, where mobility-enabled cloud is enabling user-defined services for individuals and companies, and "mobility is how we breathe life into that." And the key issue now is "how can we not be a tether" -- there is no point in constraining smartphone users and tethering them to the enterprise if perimeter security strategies are no longer working, he states.

AT&T's Ed Amoroso has a firm grasp on the security challenges faced by mobile network operators.
AT&T's Ed Amoroso has a firm grasp on the security challenges faced by mobile network operators.

As we enter the era of the mobility-enabled cloud, the technologies that will be important, and which will enable user freedom in a secure environment, are:

  • Encryption: "Why not encrypt everything?" asks Amoroso. That comes with the burden to get public key infrastructure and single key infrastructure correct, but "that's very difficult to do."

  • Containerized technology: Enabling secure authorized access whereby a "session" protects the integrity of an access (for example, an employee accessing an online paycheck stub) and then provides the ability to wipe data from a device once it has been accessed and used, so that evidence of the session no longer exists on the device.

  • Proxy: A mediation layer between the cloud and users, where certain types of things can be mediated. Amoroso certainly believes denial of service should be included in that proxy.

  • Run-time virtualization: This is probably more important than anything, believes Amoroso. As you virtualize an entity into the cloud -- an app, for example -- then you need to virtualize security in a virtual environment, not try to protect it with old-fashioned security devices. The idea that network operators will dynamically provision security along with the other objects that are being provisioned into the cloud is "really exciting," says the AT&T security chief.

    "Put all those things together and I fundamentally believe you can protect the mobility-enabled cloud environment better than we can protect information inside perimeters today," proclaims Amoroso. "That's a controversial statement… [but] -- there will be those that believe compliance is most important but we need to get everyone on board here -- perimeter is not working today, advanced persistence threats are making their way through, denial of service attacks render edge computing difficult to maintain."

    He adds that embedding security into the object's run-time systems is something "we hope that compliance officers and regulators will become comfortable with, because the whole idea here is to make computing safer. It's not about checklists -- it's about using the checklists to make computing support the different missions that are important to all of us. That's our vision for the future -- this futuristic prediction that's becoming real now, going from perimeter, through network-based, to a mobility-enabled cloud where we feel more comfortable pushing our information out into something more ubiquitous and more separated and hopefully protected by run-time virtualized security functionality."

    Amoroso goes on to discuss further mobile cloud security and analytics issues with his colleagues Gus De Los Reyes, executive director, security R&D at AT&T, who runs the security research group, and executive director of technology security Brian Rexroad. Find out what they had to say, and see the full presentation by Amoroso by watching the video, AT&T's Ed Amoroso on Mobile Security.

    You can also find out what else happened at the Mobile Network Security Strategies event in London by checking out our dedicated industry show site.

    — Ray Le Maistre, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, Editor-in-Chief, Light Reading

    (0)  | 
    Comment  | 
    Print  | 
  • Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
    From The Founder
    Kicking off BCE 2017, Light Reading founder Steve Saunders lays blame for NFV's slow ramp-up and urges telecom to return to old-fashioned standards building and interoperability.
    Flash Poll
    Live Streaming Video
    Charting the CSP's Future
    Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
    LRTV Interviews
    CenturyLink: Let's Get Past SD-WAN Hype

    6|23|17   |   04:02   |   (0) comments


    Technology becomes a "shiny object" unless it's properly focused on solving business needs for enterprise customers, says Bill Grubbs, network solutions architect for CenturyLink. He explains to Light Reading why SD-WAN deployments have to be tailored to specific needs – and more.
    Women in Comms Introduction Videos
    Infinera's Sales Director Paints Tech's Big Picture

    6|21|17   |   4:14   |   (1) comment


    Shannon Williams, Infinera's director of sales, shares how she achieves work's many balancing acts -- between her role and the broader company, today and tomorrow's tech and more.
    LRTV Custom TV
    SD-WAN Innovation & Trends

    6|20|17   |     |   (0) comments


    Versa CEO Kelly Ahuja discusses with Carol Wilson the current status and trends in the SD-WAN market, Versa's innovation around building a software platform with broad contextualization, and the advantages that startups can bring to the SD-WAN market.
    LRTV Interviews
    Ovum's Dario Talmesio on 5G in Europe

    6|20|17   |   02:16   |   (0) comments


    At 5G World 2017, Dario Talmesio, principal analyst and practice leader on Ovum's fixed and mobile telecoms European team, explains the emerging trends amongst European operators as they prepare for 5G.
    LRTV Custom TV
    Putting Power on a Pedestal

    6|19|17   |     |   (0) comments


    ARRIS's John Ulm says a major accomplishment of SCTE•ISBE's Energy 2020 program is increased focus on power cost and consumption, including inclusion of energy requirements in operators' RFPs and RFIs.
    LRTV Custom TV
    Gigabit Access: The Last-Mile Pipe for All Future Services

    6|19|17   |     |   (0) comments


    A Gigabit access platform being deployed today must be able to deliver all types of services to an increasing number of devices. A non-blocking architecture is necessary to support the ever-increasing growth in bandwidth demand. The Huawei Gigabit access solution is based on a distributed design that is fully scalable to deliver a unprecedented performance.
    LRTV Custom TV
    Key Factors to Successfully Deploy an SD-WAN Service

    6|19|17   |     |   (0) comments


    As service providers transition their SD-WAN solution from trials and limited deployments into production at large scale, there are important considerations to successfully operationalize these solutions and realize their full potential, without adding complexity, introducing uncertainty or disrupting current business operations. Sunil Khandekar, CEO and Founder ...
    LRTV Custom TV
    IoT Solutions: Rational Exuberance

    6|19|17   |     |   (0) comments


    IoT solutions are morphing from hype into viable business opportunities. Huawei has the platform and ecosystem support to help carriers successfully address new business opportunities in the IoT space.
    LRTV Custom TV
    Realizing ICN as a Network Slice for Mobile Data Distribution

    6|19|17   |     |   (1) comment


    Network slicing in 5G allows the potential introduction of new network architectures such as Information-centric Networks (ICN) as a slice, managed over a shared pool of compute, storage and bandwidth resource. Services over an ICN slice can benefit from many architectural features such as Name Based Networking, Security, Multicasting, Multi-homing, Mobility, ...
    LRTV Interviews
    Ovum's Mike Roberts on 5G Uptake

    6|19|17   |   04:08   |   (0) comments


    Mike Roberts, research director for Ovum's service provider markets group, explains why he has boosted his 5G subscriptions forecast.
    LRTV Interviews
    AT&T's Hubbard on Intersection of SD-WAN & MPLS

    6|15|17   |     |   (0) comments


    Rick Hubbard, SVP of Network Product Management for AT&T Business Solutions, discusses how AT&T's approach to SD-WAN fits in with its overall virtualization strategy, explains how SD-WAN can improve enterprise customers' use of the cloud and addresses the intersection of SD-WAN and MPLS.
    Telecom Innovators Video Showcase
    Keep Connected IoT Devices Under Control With Allot

    6|15|17   |     |   (0) comments


    Allot AVP of International Pre-Sales, Daniel Keidar, explains how communications service providers can protect infrastructure and service availability from flooding attacks caused by malfunctioning or bot-infected devices connected to their network.
    Upcoming Live Events
    October 18, 2017, Colorado Convention Center - Denver, CO
    November 1, 2017, The Montcalm Marble Arch
    November 1, 2017, The Montcalm Marble Arch
    November 30, 2017, The Westin Times Square
    All Upcoming Live Events
    Infographics
    With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
    Hot Topics
    Netflix's Lesson in Culture Expectation Settings
    Sarah Thomas, Director, Women in Comms, 6/21/2017
    No Imagination: UK Chip Biz Goes Up for Sale
    Iain Morris, News Editor, 6/22/2017
    Kalanick Steps Down as Uber CEO
    Sarah Thomas, Director, Women in Comms, 6/21/2017
    Buy American: Will It Affect the Telecom Sector?
    Dan Jones, Mobile Editor, 6/21/2017
    Like Us on Facebook
    Twitter Feed
    BETWEEN THE CEOs - Executive Interviews
    Following a recent board meeting, the New IP Agency (NIA) has a new strategy to help accelerate the adoption of NFV capabilities, explains the Agency's Founder and Secretary, Steve Saunders.
    One of the nice bits of my job (other than the teeny tiny salary, obviously) is that I get to pick and choose who I interview for this slot on the Light Reading home ...
    Animals with Phones
    Live Digital Audio

    Playing it safe can only get you so far. Sometimes the biggest bets have the biggest payouts, and that is true in your career as well. For this radio show, Caroline Chan, general manager of the 5G Infrastructure Division of the Network Platform Group at Intel, will share her own personal story of how she successfully took big bets to build a successful career, as well as offer advice on how you can do the same. We’ll cover everything from how to overcome fear and manage risk, how to be prepared for where technology is going in the future and how to structure your career in a way to ensure you keep progressing. Chan, a seasoned telecom veteran and effective risk taker herself, will also leave plenty of time to answer all your questions live on the air.