Mark Nunnikhoven, VP of Cloud & Emerging Technologies, Trend Micro, at AWS Summit 2014 with theCUBE's John Furrier and Jeff Frick
Defending enterprise cloud : many security breaches are internal | #AWSSummit
https://siliconangle.com/2014/03/28/defending-enterprise-cloud-many-security-breaches-are-internal-awssummit/
This week, theCUBE broadcasted live from the AWS Summit in San Francisco, streaming the event and granting plenty of air-time for some of the brightest minds in the business.
Mark Nunnikhoven, VP of Cloud & Emerging Technologies with security specialist Trend Micro, joined Jeff Frick, General Manager of theCUBE, to talk about the security issues posed by the cloud when it comes to enterprise adoption.
“Of course, the big knock-down on cloud – and AWS specifically – tends to be the assumption that it is not secure enough, and that enterprises are not comfortable and ready for it,” noted Jeff Frick.
“A lot of what you’ve said it’s just a myth; it’s lack of understanding,” replied Nunnikhoven. “People do not understand that, when you are moving to the AWS cloud, security works in a shared responsibility model. Now you partner with AWS to provide overall security; they take some of the heavy lifting, and then you still have work to do. People expect a hands-off experience and that’s when they get bit. You need to know what your responsibilities are, and work with Amazon AWS, to make sure you meet that and have a complete model.”
Frick asked Nunnikhoven to detail some of the specifics that people miss, citing Trend Micro’s guide in helping them solving the security issues.
“We take over where the customers hear it’s their responsibility; the shared-responsibility model means that you, as a user of AWS, need to secure the operating system, your applications and your data,” explained Mark Nunnikhoven. “Everything underneath that is taken care of by AWS. Trend Micro provides products and guidance and professional services help. We help people secure their operating systems with advance controls like Anti-Malware, Integrity Modeling and Intrusion prevention as well as encryption for their data at rest, and then we have a product called Deep Security for Web Apps that helps validate all those controls as a security scanner.”
Nunnikhoven was also happy to announce that Trend Micro received pre-approved status for AWS. “You can scan all your applications and data in AWS, without getting permission ahead of time; that’s not something that every scanner has, you normally have to ask AWS for permission, otherwise their security guys get a little angry,” joked Nunnikhoven.
“Basically people want to run security scans on what they have,” observed Frick, asking Nunnikhoven if Trend Micro was the only provider with pre-approved scanning capabilities from AWS.
“There are others, but we offer a complete solution of packages.Our defensive controls also ‘talk’ to our scanner – you get an additional layer of intelligence there and it’s all backed by our global intelligence network we call the ‘smart protection network’, which has over 1000 researchers contributing new information every day. It’s a huge pool of data that can leverage to protect your applications,” added Nunnikhoven.
Protecting cloud-defining trends
Frick then invited Nunnikhoven to talk about two things that define cloud: the infrastructure impacting security and the remote devices.
“At a strategic level, we had to shift away from protecting stuff to focusing on protecting your information. The idea of one giant wall to protect everything no longer holds water because you have so many different areas,” said Nunnikhoven. “A good example is the AWS Workspaces which launched with public availability this morning. Your data now lives in the AWS cloud, and they let you access it from any of those devices, but the data only stays into that one place,” clarified Nunnikhoven. “They tried to solve that problem of having your data everywhere, by giving you access everywhere but keeping the data safe in one location.”
“Your access is distributed, but the actual application isn’t,” summarized Frick.
“There’s two ways to approach it and it really depends on what the specific app is, but distributing access, if you are not going to give your users access, where and when they want it, they are going to route around you and figure a way,” explained Nunnikhoven. “As a security provider, we want to make sure that we provide tools that enable people to have that access. You can let security drag you down. That goes back to the original question of security as a blocker in the cloud: when you address security in the right way, with the right tools, it’s really an enabler for all these types of solutions that we’ve been talking about.”
...........
@thecube @Trend Micro #TrendMicro
#AWSSummit Mark Nunnikhoven @SiliconANGLE theCUBE #theCUBE @theCUBE @Amazon Web Services #AWS #AWSSummit
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS Summit 2014 | San Francisco. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For AWS Summit 2014 | San Francisco
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for AWS Summit 2014 | San Francisco.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
AWS Summit 2014 | San Francisco. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to AWS Summit 2014 | San Francisco
Please sign in with LinkedIn to continue to AWS Summit 2014 | San Francisco. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Mark Nunnikhoven, Trend Micro | AWS Summit 2014
Mark Nunnikhoven, VP of Cloud & Emerging Technologies, Trend Micro, at AWS Summit 2014 with theCUBE's John Furrier and Jeff Frick
Defending enterprise cloud : many security breaches are internal | #AWSSummit
https://siliconangle.com/2014/03/28/defending-enterprise-cloud-many-security-breaches-are-internal-awssummit/
This week, theCUBE broadcasted live from the AWS Summit in San Francisco, streaming the event and granting plenty of air-time for some of the brightest minds in the business.
Mark Nunnikhoven, VP of Cloud & Emerging Technologies with security specialist Trend Micro, joined Jeff Frick, General Manager of theCUBE, to talk about the security issues posed by the cloud when it comes to enterprise adoption.
“Of course, the big knock-down on cloud – and AWS specifically – tends to be the assumption that it is not secure enough, and that enterprises are not comfortable and ready for it,” noted Jeff Frick.
“A lot of what you’ve said it’s just a myth; it’s lack of understanding,” replied Nunnikhoven. “People do not understand that, when you are moving to the AWS cloud, security works in a shared responsibility model. Now you partner with AWS to provide overall security; they take some of the heavy lifting, and then you still have work to do. People expect a hands-off experience and that’s when they get bit. You need to know what your responsibilities are, and work with Amazon AWS, to make sure you meet that and have a complete model.”
Frick asked Nunnikhoven to detail some of the specifics that people miss, citing Trend Micro’s guide in helping them solving the security issues.
“We take over where the customers hear it’s their responsibility; the shared-responsibility model means that you, as a user of AWS, need to secure the operating system, your applications and your data,” explained Mark Nunnikhoven. “Everything underneath that is taken care of by AWS. Trend Micro provides products and guidance and professional services help. We help people secure their operating systems with advance controls like Anti-Malware, Integrity Modeling and Intrusion prevention as well as encryption for their data at rest, and then we have a product called Deep Security for Web Apps that helps validate all those controls as a security scanner.”
Nunnikhoven was also happy to announce that Trend Micro received pre-approved status for AWS. “You can scan all your applications and data in AWS, without getting permission ahead of time; that’s not something that every scanner has, you normally have to ask AWS for permission, otherwise their security guys get a little angry,” joked Nunnikhoven.
“Basically people want to run security scans on what they have,” observed Frick, asking Nunnikhoven if Trend Micro was the only provider with pre-approved scanning capabilities from AWS.
“There are others, but we offer a complete solution of packages.Our defensive controls also ‘talk’ to our scanner – you get an additional layer of intelligence there and it’s all backed by our global intelligence network we call the ‘smart protection network’, which has over 1000 researchers contributing new information every day. It’s a huge pool of data that can leverage to protect your applications,” added Nunnikhoven.
Protecting cloud-defining trends
Frick then invited Nunnikhoven to talk about two things that define cloud: the infrastructure impacting security and the remote devices.
“At a strategic level, we had to shift away from protecting stuff to focusing on protecting your information. The idea of one giant wall to protect everything no longer holds water because you have so many different areas,” said Nunnikhoven. “A good example is the AWS Workspaces which launched with public availability this morning. Your data now lives in the AWS cloud, and they let you access it from any of those devices, but the data only stays into that one place,” clarified Nunnikhoven. “They tried to solve that problem of having your data everywhere, by giving you access everywhere but keeping the data safe in one location.”
“Your access is distributed, but the actual application isn’t,” summarized Frick.
“There’s two ways to approach it and it really depends on what the specific app is, but distributing access, if you are not going to give your users access, where and when they want it, they are going to route around you and figure a way,” explained Nunnikhoven. “As a security provider, we want to make sure that we provide tools that enable people to have that access. You can let security drag you down. That goes back to the original question of security as a blocker in the cloud: when you address security in the right way, with the right tools, it’s really an enabler for all these types of solutions that we’ve been talking about.”
...........
@thecube @Trend Micro #TrendMicro
#AWSSummit Mark Nunnikhoven @SiliconANGLE theCUBE #theCUBE @theCUBE @Amazon Web Services #AWS #AWSSummit
