Businesses may be actively pursuing new opportunities to leverage new devices and cloud services, but many are struggling to protect their technological investments with security frameworks that also offer better business outcomes.
This challenge, says BlackBerry chief security officer David Kleidermacher, has led many businesses either to implement security that alienates users by being too restrictive or to fail to protect them adequately because they favour simplicity over functionality.
It’s a fine balance, but one that has become crucial to resolve as the ongoing onslaught of cybersecurity attacks forces businesses to tighten controls on their endpoints – and knuckle down for new threats as they embrace cloud-based business supported by scores of new devices that form part of the Enterprise of Things (EoT).
“Offering cloud solutions is now common practice,” says Kleidermacher. “What is not common, however, is achieving the level of security, compliance, and trust that businesses demand.”
It can be difficult to link those business goals with suitable technological protections, but this process, he says, is nonetheless essential if the global business community is going to be able to manage devices at “world scale”.
The world has already been given a firsthand example of what can happen when large quantities of connected devices are poorly managed: late in 2016, the freely-available Mirai attack used clever coding to recruit nearly 500,000 consumer devices into a mesh of attackers that pummeled targets with distributed denial of service (DDoS) attacks of a magnitude that had not been seen before. Among other targets, the attacks disrupted the functioning of US Internet-infrastructure provider Dyn and German telecommunications giant Deutsche Telekom – and similar attacks could mean major problems for any business that came within the hackers’ sights.
The problem with insecure endpoint devices, Kleidermacher explains, is that many aren’t being designed to be remotely managed or controlled – which means they can’t be patched to fix new vulnerabilities as they are found.
“Mirai, for example, cannot be taken down because the devices it infects were built without a mechanism to remotely patch vulnerabilities,” he explains. “If we hope to prevent a Botnet of Things, developers must build secure endpoints – which includes not only secure-by-design for the Thing itself, but also the ability to patch the Thing’s firmware, update its security policies, revoke its certificates, and so on. These management capabilities are the cornerstone of traditional endpoint security in the enterprise and will be for the Enterprise of Things.”
A longtime provider of secure mobile phones – including the BlackBerry Priv, a mobile that has been designed to blunt the vulnerabilities of the Android platform through regular patching and security-by-design – BlackBerry has been pivoting its business to extend its strengths in security and mobile device management (MDM).
Its new target: the cloud, mobile, and IoT-driven ecosystem where business and government customers need to operate with security that is both integrated across the business and tailored to the idiosyncrasies of widely-distributed computing environments.
BlackBerry is addressing the needs of these environments through its BlackBerry Secure offering, which draws on its experience in MDM – and the complementary technologies, such as digital rights management and its BlackBerry Dynamics secure mobile container technology, that it has obtained through recent acquisitions of WatchDox, Good Technology, AtHoc, and Encription.
This includes a growing focus on securing increasingly connected cars, for example, a focus that will eventually extend to the healthcare, retail, and other sectors. “BlackBerry is solving critical business problems for connected cars and trailers by customizing BlackBerry Secure for the operational use cases in those markets,” Kleidermacher says.
Current concern around securing the Internet of Things should also prompt a reassessment of enterprise security that will drive common security constructs for protecting all endpoints. This will have ancillary benefits in protecting data even from attacks such as whaling, which cannot be readily stopped using conventional scanning and filtering technologies.
Defence against such attacks will necessarily involve technological approaches, such as isolating critical information and services within secure containers that use multi-layered authentication to control data access by insiders, whether they are inside or outside the network.
“Any organisation can be attacked this way,” says Kleidermacher, “but you can minimise the risk and impact of insider threats if critical systems require both the password and a second factor to gain access.”
Effective security will also, increasingly, utilise new data representation and analysis with artificial-intelligence techniques that leverage threat intelligence and endpoint operational data to paint a more detailed picture of employees’ ongoing use of data. These techniques will increasingly be built into enterprise applications that tap into rich application programming interfaces (APIs) to position data security within contexts that are also relevant for the business.
In this way, businesses will be able to secure their network perimeter even as the inexorable forces of cloud, mobile and IoT transform that perimeter forever. And, says Kleidermacher, they will be able to do so by building security into core business processes rather than continually trying to wrap those processes with often poorly-suited security frameworks.
This approach will allow security to be integrated into broader business discussions about the benefits of online services and applications – which can more readily be translated into economic, productivity, and other business-relevant terms.
“Successful security requires providing the right economic incentive for adoption,” says Kleidermacher. “For BlackBerry, this means driving digital transformation through great security. And the list of solutions will continue to grow as we attack emerging EoT operational challenges. The proliferation of heterogeneous and unattended endpoints must be managed at world scale.”