Security, et al

Randy's Blog on Infosec and Other Stuff

«  Finally, a new and differ... | Live at RSA: Stopping Key... »

Live with Dell at RSA 2015

Thu, 23 Apr 2015 12:09:35 GMT

Dell Software is my longest time sponsor and has made possible many hours of my real training for free ™ webinars.  We don’t usually give them much time to talk about their products on my webinars and they are really nice about that.  So I thought I’d set down for a few minutes at the UltimateWindowsSecurity.com booth here at RSA 2015 with Todd Peterson.  You never hear from Todd on the webinars but he is one of the main folks behind making them possible and he has a good perspective on Dell Software’s sizable portfolio of security products.  Our conversation centered around the Dell Software security portfolio as a whole and what makes it compelling compared to point solutions.

(Transcript below video)

Randy:  Alright, so back at the Ultimate Windows Security Booth at RSA.  This time I’ve got Todd Peterson from Dell.  And folks, you’ve probably have, I don’t know if you’ve heard Todd before, but you’ve heard a lot of other Dell people because Dell and before that Quest have been pretty much our best and biggest sponsor of real training for free™, so thanks a lot for that through the years Todd.  But, here’s what I want to talk to you about and I’m picking this topic for you because how many security products does Dell have?

Todd: Lots.

Randy:  Yeah.

Todd:   I mean, Dell kind of has the strategy of baking security into everything they do, so you know, if you want to be really technical, every laptop, every tablet, every server, every router, every switch has security baked into it.  If you want to be a little more literal on the classic security products, firewalls, data encryption, it’s probably 40 or 50 separate offerings across the whole line.  Most of them under the Dell software group umbrella.

Randy:  So, if we want to buy “a security”, we can go to….

Todd:  Yeah, yeah I’m happy to sell you an app for security. 

Randy:  Right.  Okay, but the thing of it is, is then and you’re the perfect person to expound on this, is do we go after security piecemeal, like here’s my risk, I want to solve this problem or do we build a security stack and think strategically, how are we going to make all these pieces fit together and then the risk is time to value and functionality but we never get anything out the door?

Todd:   I think in a perfect world, you do the latter.  You plan it out, you build security from the ground up, everything fits together and works great, but we know that that never actually happens.  So you end up with a piecemeal approach with whatever the fire of the day is or you know BYOB all of a sudden comes up and you didn’t even think about that, you know 12 years ago when buying a server was your big deal and so piecemeal is the way it has to go, but if you approach piecemeal with the right strategy, there is going to be something next and you may not even know what it is.  So just make sure that you’re future looking with everything you do.  I think piecemeal can work and kind of give you that plan from the ground up, you know, result without actually having done it.

Randy:  Yeah, because what I fear is management coming and they’ve read about a breach and they’ve read what Gardner or whoever is saying at the time, we need to get control of mobile devices.  We don’t have a mobile device management.  Go get MDM and so you go and you buy a MDM point solution, you get that in place.  Iterate that a few more times and what you’ve ended up with is a whole bunch of solutions, maybe a lot of them really cool, but they were from start ups, a lot of them.  They’ve gotten bought by someone else over the years, who knows what has happened and do they all talk to each other.  Because that’s the other thing, Todd, is getting your security products to talk to each other is opening up a whole new world of synergy, so given that you’re a company with 40-50 different security products, you probably have feelings on these issues.

Todd:   Yeah, I mean obviously you want them to talk to each other, but, you know the reality is people are often, you know you have pressure, you have to solve the problem today, so you’re going to go out and you know, whoever you’re hearing the most about to solve that problem is at the top of the list.  Maybe you’ll implement them, maybe you won’t, but you know, then down in the future, the next thing comes up and that solution’s great, but the next thing can’t be solved by that solution, so you do it again.  So, what you end up with is you’re defining security and the controls that provide security, so, an identity of a person, a person’s authorizations, the way you authenticate, what it means to be somebody, you’ve defined that in each and everyone of those silos, and you’ll probably define it differently.  So then standards emerge, that if you’re able to wait for the standard to take over, that makes it a little easier.  You know, only use SAML authentication, that solves a lot of the problems.  Use other standards is the baseline.  That’s good, but a lot of times the problem can’t be solved at that time.  So you just need to look for things that are on the cutting edge of standards, but also for a strategy of not reinventing the wheel every time a security issue comes up.  You don’t want 12 Randy’s across 12 different security silos.  You want 1 Randy that’s applied 12 times to across 12 silos, if that makes sense.

Randy:   Well, that’s ironic since Dell is, would you say your core security product is your one identity solution?

Todd:  I would definitely say that. 

Randy:  Yes.  Well let’s come back to that and talk about what is the core of a company’s security stack, but I think what you’re getting at is that to build a house, you have to put the foundation in first, you cannot say, you know, the biggest thing I need right now is a roof, and then I’ll come back and do the foundation.  There’s a sequence that you have to build things in.  Alright, with an IT environment, that’s not really the case.  You do have the option to say these are my biggest pain points.  I don’t have a roof over my head, I know I don’t have a great foundation for identity or whatever, but I need to get that roof over my head in terms of two factor authentication or mock change auditing, whatever.  I could go put that roof in and I can say I also need this door over here with a lock on it, but so that’s piecemeal, but what you’re saying is that what we want to do is be looking towards the future and saying at the end of the day we want a house that’s all connected to each other and doesn’t look like we bought a trailer and then added on a family room.

Todd:    Or worse case, you end up with 12 trailers.

Randy:  Well that’s ulgy.

Todd:  So yeah, I mean totally.  And what I would say to that foundation is as you’re putting the roof on, let’s say you’re just doing your roof, you know, you do have the opportunity at that time to form up the foundation and set it up so that when you put in the walls, when you put in this door, when you add on to the house, that those things can happen easier without re-pouring a new foundation.  So, you know, getting that foundation solid and then right along with that first big fire that you’re putting out, is probably the best approach and I would say that foundation is what I mentioned earlier…identity, role, authorizations, authentication, you know, getting those things set because if people can’t get to the stuff they need to do their job, there’s no point, that’s why it’s there.  Security is often viewed as a barrier to people doing their jobs because it’s another person saying no instead of another person saying yes.  But, if that foundation is right, there’s going to be opportunities to say yes, go way up and the opportunities for the temptation to say no unnecessarily has just disappeared. 

Randy:  Yeah, well that’s, I always go back to we’re in business to do business, not to be secure.  Secure doesn’t make money.  So I think what I’m hearing is you’re thinking about what we’re hearing from a lot of folks is the whole whether you want to call it dynamic or adaptive security, right, being able to dynamically say I need more assurance that this really is Bob, right?

Todd:  Yeah and if you think about the way security is normally implemented as a silo approach, you know, you’re on-prem you’re using a company controlled device.  There is a set of rules, you follow those rules and you’re allowed to get to something.  So you go off-prem they’ve established another set of rules for that and you follow those rules, you’re allowed, you’re using their mobile device, a different set of rules, data encryption is involved, different set of rules.  You’re coming from an IP that’s unknown to the organization of a different set of rules.  So, each of those can return a yes or no decision.  If any one of those 5 things, returns a no, the answer is no, even though I may legitimately be doing things that’s going to be absolutely secure, but one says no.  But, what if you take into account the context of the who, what, when, where, why, how and past history to make a dynamic decision in real time that says hey I know who you are, I know where you are, I don’t know you’re device, but I know that you’re history means that you’ve come in from a device like this one and so I’m going to allow you in.  So you can kind of take into account the varying strengths of the yes and no decisions to return an accurate decision that changes in real time depending on the situation.  You know, that’s I think the nirvana of security.

Randy:  So, going back to the building at your security stack and piecemeal and looking toward the future and so on, you know, what do we get if we make a commitment to Dell in terms of… you know, I have to have a lot of worry.  My supply management people have worry every time I bring in another vendor or another partner on board.  All right, how healthy are they, are they going to be in business, what’s their limits of support and so on.  So I mean, what’s codified in terms of if we come to Dell and saying if possible we’re going to try to get our different pieces of security from Dell?

Todd:   Well, obviously we would like that, but the advantage is Dell is a very mature, very stable company that’s not going anywhere and has a long legacy of very happy customers including customer service excellent support and each of the acquisitions that they’ve made have been of companies with an equal to a lesser degree, but an equal reputation, so they acquired Quest, which is where I came from.  You know, Quest has some of the industry leading customer satisfaction numbers on a software site.  The security software, being Identity Access Management stuff, is the leading satisfaction among the questions. So all of these things come into play that you know, you’re going to eventually have to buy a firewall if you don’t already have one or you may have to upgrade your firewall.  You’re going to have to buy something for identity and access management, something for privilege management, something for authentication.  You’ll probably eventually need a data encryption type of solution.  You’re going to need security baked into your servers and your laptops and your tablets and your desktop computers.  If that ultimately is in the same place and you know it’s not going anywhere, then you already trust and you know you can continue to trust, that really alleviates a lot of the danger, a lot of the risk and a lot of the worry of am I really going to be secure next year with the decision I make today?  With Dell, we feel and I think that history proves that yeah you’re set for years and years and years and years, at least from a peace of mind state.

Randy:   Well, it is, I’m always amazed.  I can never keep track of all the different security solutions that you have and you’re starting to make them talk to each other more too.

Todd:   Yeah, absolutely.

Randy:  I think that’s important and that’s something maybe that I had wished for more in former days and I’m seeing more now, so…

Todd:  Yeah, for example a lot of our authentications solutions, our multifactor authentication our federations’ solution are beginning to be reused by other Dell technologies.  So the Quest KACE MDM solution uses our single sign on federation.  The Dell SonicWall firewalls use our multifactor authentication.  You know, all they’re offerings, the Dell offering for medical organizations uses our signal sign on solutions.  So you know there’s a lot of places where this 1+1=3 can come to pass because it’s, you know, all offered by the same organization.

Randy:   And that’s what I would want and expect if I’m going to make a commitment and say all right, I’m not just going to automatically go out there and get the cheapest, newest and best of breed solution for each piece of the puzzle.  I want that synergistic benefit of going with a vendor.  If I’m going to go with one vendor, then I’m hoping for that synergy along with products.  The more of their products I use, the more of that 1+1=3. 

Todd:  Yeah, and the treads continue, you know where I mentioned earlier that adaptive context way of security.  Right now that involves few of our identity and access management solutions and our firewalls and the SecureWorks Counter Threat platform.  In the future that can expand to where the firewall is actually enforcing, not just helping make a decision, where an encryption solution from Dell is enforcing in addition to helping to make a decision and it can go anywhere and then when we build an API into it, then it can actually go beyond Dell and you can build your own contributive piece to that context where it thinks.  So you know we are excited about that, but you know it all comes down to it’s one big stable strong company that can provide it to you.

Randy:   That’s cool.  Folks normally you’re used to seeing me or at least listening to me more, but this is an opportunity I get to talk to the people like Todd that make all the real training for free™ webinars possible and I said let’s just talk about their products a little bit.  So thank you, thanks for all the great webinars that you’ve sponsored over the years.  We get lots of people that come up and say I go to every single one of your webinars and when we need answers especially on windows security log, they come here, but you guys are the ones that make that possible, so thanks.

Todd:   Thanks for allowing us to do it.  We find a lot of value in it as well.

Randy:  Well, take care.

Todd:  Thanks Randy.

email this digg reddit dzone
comments (0)references (0)

Related:
5 Indicators of Endpoint Evil
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond

Comments disabled

powered by Bloget™
Search


Categories
Recent Blogs
Archive


 

Upcoming Webinars
Additional Resources