Security Platforms/Tools

Ericsson Calls for Data-Centric Security Approach

NEW YORK -- Mobile Network Security Strategies -- Call it variations on a theme. Ericsson vice president and head of the cloud software product line Jason Hoffman repeated an argument today made by data security experts throughout Light Reading's mobile security conference: A perimeter-centric security model is no longer sufficient in an era of mobile and cloud-based technologies. (See also AT&T Adds Virtual Layer of Security.)

In fact, Hoffman stated, the industry needs to adopt a posture where everyone is classified an insider (meaning there's an assumption that everyone has system access), and every system is defined as compromised. Instead of trying to secure the entire system, companies should instead work to secure the important data within it.

There are several components to a data-centric security solution, but one that Hoffman highlighted is the need for cryptographically provable integrity around things such as identity and file or application authenticity. He even cited the Bitcoin approach, with its distributed encryption technology, as a good strategy to emulate if "you throw away the actual currency part of it."

The modern computing environment hasn't shifted entirely yet, but as Hoffman pointed out, it won't be long before our data systems are all massively distributed, and there are substantially more connected devices than humans.

Hoffman made the analogy that data centers are becoming the 21st century equivalent of factories, and that in the cycle of industrialization, data systems are progressing through five steps: standardize, combine, abstract, automate and govern. Unfortunately from a security standpoint, at the heart of the third step -- abstraction -- is programmability. Programmability inherently requires accessibility, and that means that systems are growing more vulnerable.

Going back to the idea of a security perimeter, companies are now, through abstraction, blurring every aspect of what was once a fixed boundary.

— Mari Silbey, special to Light Reading

Susan Fourtané 12/4/2014 | 6:33:26 AM
Re: Cryptography The analogy of data centers becoming the 21st century equivalent to factories it's true. They also demand top security measures that are not always delived. Data canters need to use new security protocols.      

danielcawrey 12/3/2014 | 6:54:07 PM
Cryptography Cryptographic blockchain technology is certainly a great way to increase security. By using cryptographic proof, bitcoin-like technologies can better ensure dtat is safe. I think it's a great idea, although probably far off right now. 
Sign In