
Making security scale: Why you're probably not ready to secure mobile and cloud

The explosion of mobile devices may be creating new learning and business opportunities in large school and business environments, but without a suitably matched security platform those devices are opening up new vulnerabilities that will end up creating nothing but headaches for administrators.

That's the warning of David Wigley, who has worked with many of the largest organisations in Australia to bring high-grade content filtering and malware detection capabilities to school systems, Internet service providers and other large organisations that need to be able to apply security policies consistently at massive scale.

As CEO of a Canberra-based security developer, Wigley has helped grow the company from an Australian success story into a global security powerhouse with tools protecting more than 10 million seats globally; it branched into the US market a year ago and is seeing “phenomenal” growth in that market, he says.

Yet the company's biggest asset is its design: ContentKeeper was a pioneer in development of closed-loop collaborative filtering technology, which builds on bridge-based technology to rapidly assimilate crowdsourced security alerts to protect high-volume environments running multiple gigabits per second of aggregate data.

A key element of this success comes from the idea that content analysis and blocking needed to be able to analyse traffic on-network rather than diverting it through a separate gateway. This led to the bridge-based architecture that, Wigley says, has delivered the kind of scalable performance that gateway-based alternatives struggle to match.

“This approach gives you a 10:1 processing advantage as far as looking at packets flying past on a network,” he explains, noting that this early speed advantage has become even more important as the number and type of devices to manage has expanded in recent years.

That management has also become more difficult in mobile environments such as schools, where traditionally capable students have proved highly effective at circumventing protections built into their mobile devices. To ensure that acceptable levels of security are maintained in such environments, a more inescapable method of security – inspecting all incoming and outgoing traffic on the network regardless of its source – is becoming the preferred option.

“Mobility is driving the market,” Wigley says, “but most of the solutions out there can be disabled by educated users. Filtering becomes a bit of a joke, really. We're the only people that have a tamper-proof solution for iOS: it's critical that the kids can't take their devices home and change settings to do what they like.”

Securing the cloud

With cloud security now adding to the expanded demands of securing the mobile environment, the need for fast and unobtrusive filtering capabilities has only increased further.

Securing the flow of data to and between these domains, Wigley says, requires a unified defence mechanism that allows customers to maintain the same level of security protection no matter what device or service they are using.

“The future is a hybrid approach,” Wigley says. “Some will have mobile suites and some will use a cloud-based service. What customers really want is to wander from one environment to another seamlessly.”

Making that happen while preserving security, however, isn't without its share of complexity. Widespread use of cloud encryption, in particular, will cause challenges for security tools that cannot effectively scan the contents of encrypted packets traversing their filtering infrastructure.

Given that today's malware authors are better than ever at faking the digital certificates supporting secure communications – and that cloud providers like Google and Yahoo are rapidly mandating the use of SSL (Secure Sockets Layer) encryption – Wigley warns that access to this traffic is an essential capability for organisations to mount effective security defences.

“If someone wants to make new malware these days, the first thing they do is to go create an SSL tunnel,” he explains. “This lets them establish tunnels and send stuff straight to your desktops. If your security software isn't looking inside those tunnels, you can't see what's going on. The more SSL you have on the network, the bigger the blind spot.”

Sandboxing technology offers another layer of protection, allowing the security perimeter to contain detected threats in a protected environment where the behaviour of malware can be both controlled and analysed. Also important in the mix are “sensible” policies such as restricting direct access to external systems.

Given that there are now so many modes by which organisations can be attacked, companies without a single, unified, overarching defence may find themselves struggling to keep up with the rapidly growing and changing malware threat.

And while a highly scalable security architecture can help even the biggest organisation keep up with ever-bigger data transfers, Wigley concedes that maintaining an effective security barrier is an unending process. “Nobody has the full answer yet,” he says.

“It's a matter of using as many techniques as you can. Effectively, you're just building walls. And the more techniques you use, the higher the wall is and the harder it is to get in. You can't cover every single thing in this area – but you can do a pretty good job.”


Stories by David Braue
