In the cloud, data is not tied to one server or even one group of servers, and it can be accessed from multiple devices simultaneously. To protect data, therefore, security solutions must shift from defense of a fixed perimeter towards an approach that protects the data as it travels from physical to virtual to cloud environments.
In the post-PC era, Trend Micro envisions a smart, data-centric security framework that advances the capabilities of our cloud-based Smart Protection Network™, adds smarter threat protection that correlates local threat intelligence; smarter data protection that follows and protects your data; and unified security management that increases visibility into data access and potential attacks.
This presentation was given at the Information Security Executive Summit on 28th / 29th February 2012
3. Trend is No.1 in Server and Virtualization Security
Physical Virtual Cloud
Trend
Trend
Micro
Micro
13%
23.7%
Worldwide Endpoint Security
Revenue Share by Vendor, 2010
Source: IDC, 2011
Worldwide Endpoint Security
Revenue Share by Vendor, 2010 Source: 2011 Technavio – Global
Source: IDC, 2011 Virtualization Security Management
Solutions
Copyright 2012 Trend Micro Inc.
4. Virtualization Journey Stages
Stage 1 Stage 2 Stage 3
Server Consolidation Expansion & Desktop Private > Public Cloud
85%
Servers
Desktops
70%
30%
15% THE SECURITY INHIBITORS
TO VIRTUALIZATION
Copyright 2012 Trend Micro Inc.
5. The Ever-Changing Threat Landscape
2009 2011 2013
Global Threat Distributions
Based on estimations by a panel of
experts within Trend Micro, 2012
Copyright 2012 Trend Micro Inc.
8. The Enterprise Endpoint Evolution
Cloud
50%
Mobile Devices/SaaS
DataCenter Management
Virtual
Driven
20% 15%
Virtual
Laptops/PCs
Physical
80% 35%
EndPoint Management
Driven
2011 2013 3-5 Years
Cross-over year
Copyright 2012 Trend Micro Inc.
9
9. Consumerisation
iPhone
Windows
phone
iPad
• Challenges:
– Manage mobile devices
– Provide secure access to
applications and data
– Defend against social media-
based attacks
– Data protection for BYOIT
• 47%: Mobile workers who have a personally owned
tablet that they use for at least some work
Copyright 2012 Trend Micro Inc.
10 Copyright 2011 Trend Micro Inc.
10. Mobile Device Market
Mid-Market
(~250-2500)
Mobile Devices
In the Enterprise
Hype Cycle
Enterprise
(~2500+)
2012
Copyright 2012 Trend Micro Inc.
11. Mobile Device Protection Requirements
Manage Efficiently Protect the Data Secure the Devices
• Device Discovery • Encryption • Anti-Malware
• Device Enrollment • Remote Wipe • Firewall
• Device Provisioning • Remote Lock • Web Threat Protection
• Asset Tracking • SIM Change/ Watch • Email Security
• S/W Management • Feature Lock • Call/ SMS Anti-Spam
• Remote Control • Password Policy • App Control/Lock-down
Central Policy Management
Copyright 2012 Trend Micro Inc.
12. Deep Security
An Agentless Security Environment
Deep Security Virtual Appliance
• Anti-malware • Intrusion Prevention
• Integrity Monitoring • Web App Protection
• Firewall • Application Control
The Old Way With Deep Security
More VMs
Security
VM VM VM Virtual VM VM VM VM VM
Appliance
Higher Fewer Easier Stronger
Density Resources Manageability Security
Copyright 2012 Trend Micro Inc. 13
So, what can enterprises do to actually benefit from Consumerization and make it work to their advantage? Well, the first thing Trend suggests is to accept the fact that consumerization is happening. It can’t be stopped - and it doesn’t make sense to try. You can embrace Consumerization in order to unlock its full business potential.So how do you go about it?Trend Micro recommends a three-step approach to embrace consumerization: 1--Have a plan. Take a strategic approach to Consumerization. IT cannot do this in a vacuum: engage your lines of business owners (marketing, sales, HR, product development), involve your early adopters in the company, ask them what they use, what they like, and what they find most useful to support their work activities. Pull from their consumer experience rather than push your IT perspective onto them.2--Say yes…but not to everything…and not to everyone. Develop a set of policies that clearly define which technologies are fully supported vesus tolerated or prohibited. Profile your internal users based on their role, line of business and location. Then map technologies to user profiles and define an Service Level Agreement (SLA) for each intersection. 3--Put the right infrastructure into place. Deploy enterprise-grade tools and infrastructure specifically designed to secure and manage consumer technology in the enterprise. No single vendor can provide one solution that covers all functional requirements across all platforms. And several vendors from adjacent product segments offer overlapping core functionality. For a start, you will probably have to look at security vendors for Internet content security, mobile anti-malware and mobile data protection. And look to Mobile Device Management vendors for system provisioning and application management. And to Telecom Expense Management solutions for procurement, support and cost control of voice and data services.Additional resources:Go to Trend Micro Global Sales Toolkit (GST) for access to the internal-only Gartner reports on mobile data protection and mobile device management: http://sales.trendmicro.com/pr/tm/en-us/assets/view-document.aspx?rid=139894Trend Micro Mobile Security (TMMS) assets on GST:http://sales.trendmicro.com/pr/tm/en-us/assets/home.aspx?s21574=20::25189
Now that we’ve looked at the threat landscape, I’d like to talk a bit about general security approaches. Here we see the traditional outside-in perimeter defense. This security model is based on the assumption that data stays inside the system and application, and that systems and applications stay inside the network. [click]Anything on the outside is inspected and potentially blocked at the perimeter, if flagged as a threat. Multiple layers work together to stop threats at the earliest possible point in the network.
The outside-in approach is still important, but, alone, is not sufficient in today’s evolving data center. Disgruntled employees are already within the perimeter. Advanced Persistent Threats are unique attacks that will not be stopped by many traditional perimeter defenses. And the changing nature of IT is causing deperimeterization with new technologies like virtualization, cloud computing, and consumerization. New security approaches must be added to the traditional outside-in protection.
#5 - ConsumerizationAlready well covered in the general sessions, but you really cannot understate how much pain this is creating for IT decision-makers Social media is close behind it devices:30 billion pieces of content are shared on Facebook every month 78% of social media users think their privacy settings are sufficient Social engineering is giving way to social media engineering MDM in downward phase of Hype Cycle, but managing devices still primary concern for customers, so having a solution is a great way to get on their radar MDM still preferred approach in regulated environments - doctors coats now being made with pockets big enough to hold iPad, need to take a stronger centrally managed approach to management and access Not just about smartphones and tablets and apps - also about data sharing and even supporting Mac laptops SF customer who is heading towards 50% of their environment (6000 clients) being Macs.As of early 2011, 30 billion pieces of content (links, photos, notes, etc) are shared on Facebook every month (source: Royal Pingdom, “Internet 2010 in Numbers,” 12 January 2011), and 50 percent of active users log into Facebook every day (source: eConsultancy.com). A Harris Interactive poll found that 65 percent of U.S. adults use social media and say that they have received a positive benefit as a result (source: Harris Interactive, “The Pros, Cons and Learning Curve of Social Media,” 18 January 2011), and that 78 percent of social media users felt that their privacy settings were sufficient to prevent potentially negative social media experiences, even as the number of malicious applications and frequency of social media-related data breaches were increasing.The consumerization of IT is already happening, and it is about more than smartphones and tabletsMobile devices have overtaken PCs as the predominant means of connecting to the cloudData must be accessible to employees and partners from many locations outside the traditional networkSocial media and cloud-based services are essential components of any business’ growth strategyThe Consumerization of IT also carries many potential risks and costsIncreased operational costs due to managing a de-standardized, heterogeneous environmentIncreased capital costs to port applications, scale data centers and deliver corporate data to a heterogeneous endpoint environmentIncreased risk of data loss and business disruption in a difficult-to-secure IT environmentTrend Micro has seen the advent of this new world of end user and have designed a portfolio of solutions to help businesses embrace consumerization, unlocking its opportunities while containing its costs
We’ve “borrowed” the idea of the Hype Cycle to show the journey that most enterprises are experiencing with mobile devices. The trigger is usually BYOD and that causes security owners to react the way they’ve reacted to end-user security in the past decade: by controlling the device and everything on it. This is what most MDM vendors are focused on. This is a great start, but both security and business owners quickly realize that it’s not the devices that matter, but the data on the devices. When they move to make the MDM solutions solve this challenge they quickly realize that it’s just not possible to segregate the corporate and personal data on the devices and maintain the usability of the device – this leads to the equivalent of the trough of disillusionment.But a new technology has emerged recently that gives Enterprises the flexibility to manage not only the apps on the devices, but also the data that belongs to the apps. Very few Enterprises globally have made the transition out of the trough, but many of them will be making the move in 2012 and it’s interesting to note that they don’t always choose the same vendor for Mobile Application Management as they do for Mobile Device Management.Mid-Market customers are about 12-18 months behind the average Enterprise customer. So in 2012, we plan to address the needs of the Enterprise by moving into Mobile Application Management and the Mid-Market by ensuring we have an easy to use, easy to deploy Hosted Mobile Device Management solution. But in the meantime, we have a very competitive MDM solution on the market in TMMS.
Threat Intelligence Map enable user to visualize global and local SPN (Feedback loop) infection trail in 24 hours or 7 days fashion.User can either select top 20 ranking or manually query malware name from console to render detection trails.
TIM rollout topology working with Trend and 3rd party logs