Sunday, January 6, 2008

The "pure-play" security debate ....

Happy New Year!

I spent some down-time over the holidays reviewing some security blogs and I see that a debate has arisen that is directly relevant to the discussion here about Security 2.0.

It seems that we want to debate the issue of whether the "pure-play" security companies will continue to be the market leaders.

First off I am guessing that by pure play we mean companies that provide anti-products [anti-virus, anti-spam] and other traditional security products?

In this provocative article, Troubled Waters, Symantec is positioned as a pure play security company that has drifted from the straight and narrow. The article suggests that Symantec may have lost its focus on security while on an acquisition expedition that has nothing to do with security.

I can provide a different view - perhaps security has simply evolved!

This "pure-play" discussion completely discounts the concept of Security 2.0! Does it suggest that we should ignore the newer security issues that are being created by the global use and distribution of sensitive information? That we should only be concerned with protecting infrastructure and machines, and not the data itself?

Security 2.0 is about creating a "full-on" security system that has the knowledge and ability to protect information whether it's in use, moving or at rest. This requires protecting the underlying infrastructure as well as the information itself and the policies around that information. It is an advancement on pure-play security, not a replacement, and therefore not a detour.

Ok, humor me and let’s just assume for a minute that Security 2.0 thinking is the right trajectory. With that assumption in tow let’s make a list of important technologies needed to fulfill that vision.

  • To properly monitor the data on an endpoint, scanners must be present, so the configuration of that endpoint must be secured. Systems management expertise would be useful, would it not?
  • To properly monitor the data at rest, scanners should be installed close to the storage, should they not? Storage and storage management technologies that are installed in most of the globe's file servers, databases, messaging servers and desktops could have a role here, right?
  • Email security and archiving systems have a role in filtering and archiving message traffic that moves through networks. Email gateways would provide good expertise in this schema.
  • It's also necessary to traffic the flow of this information in a policy-driven way, so it would be useful to have a centralized policy function.
  • And finally, let’s throw in some of the traditional pure-play technologies, with the addition of a network access control mechanism that ensures the end node is correctly configured and vulnerabilities are remediated before it connects.

If we look back at the list above, it is easy to see that the pure-players will have to acquire, and hopefully integrate, some new technologies if they are to make Security 2.0 a reality for their customers!

I suggest it’s the security companies that stay "pure-play" that are in danger of ignoring the emerging security needs of their customers.

It's companies like Symantec and some other large companies that comprehend the future and realize that the anti-stuff alone cannot meet the demanding needs of protecting the infrastructure AND the information.

Symantec isn't simply trying to be a "one shop stop for all IT needs"; they have simply recognized that the emerging security problem is bigger than just keeping the bad stuff out. Protecting data and the infrastructure it resides on is a more complex security problem that will require the integration and cooperation of security, storage and systems management.

In the end, the question of "Troubled Waters" is not "to diversify or not"; it's to "converge or not". IT technologies need to converge around the real security needs of their customers ..... Security 2.0.

Another article on this subject can be viewed at New threats call for a fresh approach....

Next post I will get back on track and discuss Data hygiene as a preface to digging deep into Security 2.0.

Don on Data
