Welcome!

Mobile IoT Authors: Carmen Gonzalez, Liz McMillan, Elizabeth White, Ken Schwaber, Pat Romanski

Related Topics: @CloudExpo, Java IoT, Mobile IoT, Microservices Expo, Containers Expo Blog, Agile Computing

@CloudExpo: Article

BYOD Security Is a Network Architecture Problem

Do we still need endpoint security in the shadow of more powerful network layer security controls?

The data center (as we knew it) is never going to be the same. Fluid changes are already in motion, brought about largely as a result of ‘paradigm' shifts in computing including....:

  1. Multi-core processing and parallelism
  2. Cloud computing and server virtualization
  3. Bring Your Own Device
  4. Complex Event Processing
  5. Software Defined Networks
  6. Big Data
  7. Analytics and In-Memory Computing

... actually, several other major factors too, but that's a good data-centric 7-pack to start with is it not?

This swollen spring tide of information management elements brings with it empowerment for those that can bring meaningful analytics to bear upon the new data stack and, conversely, security concerns for those who fail to grasp the new triffid-sized nettle that has the growth potential to run rampant.

Colorful analogies aside... what are we talking about here in real terms? Enterprises today are increasingly forced to deal with massive amounts of so-called Big Data as they have to contend with the risk of employees connecting to the network with Bring Your Own Device (BYOD) tablets, smartphones and more.

This has created an inflexion point for large organizations in terms of data center transformation. We have reached a chasm where network security infrastructures will fail to scale and cope with the complexity of compute throughput caused by our seven factors as mentioned above. Put simply, the new under-managed over-clocked network is a security risk.

How Do We Put Our Next Step Forward Without Falling?
"The reality is, if a hacker wants to get into your network, then they will, 100 percent of the time. Match that risk with the new reality of BYOD security concerns and it's a heady concoction," argues Peter Doggart, management executive for security platform company Crossbeam. "Once we accept these basic truisms we can move on. From this point we can start to plan for compromised user containment, mitigation and segregation/quarantine."

It's not all about mitigation argues Doggart. Too much discussion circulates in the security industry focused on mitigation and cure, with comparatively scant lip service being paid to pre-infection prevention instead.

"You can't put anti-virus controls on an iPad; so putting controls at the network layer is the only way to deal with the security risks we stand in front of today. But going deeper, companies need to think about the structural build of their data centers and networks to ensure that they architect them correctly. New security vectors demand a new approach to application and network architecture. As a basic example, servers that process credit card data should be physically and locally segregated from other basic services."

Crossbeam's Doggart is adamant that this problem of implementing network security within more dynamic, virtualized data centers means that network security infrastructure needs to evolve in order to help organizations achieve their vision for the next-generation data center (NGDC). Then (and only then) can we successfully reap the benefits of cloud computing technology for both public and private environments he says.

Where Do We Turn Next?
Contemporary technologies in this space lean towards intelligent "boxed" solutions, i.e., appliances such as Intrusion Prevention Systems (IPS) and Threat Management Systems (TMS). Crossbeam's X-Series ‘network-in-a-box' challenges purpose-built security device products from HP, Oracle, IBM and others, suggesting that there is a defined need to "corral" switches, routers, load balancers, network layer protection mechanisms and application delivery controllers into a unified single solution. Indeed, HP appears to also embrace the ‘unification' label directly, naming its HP 200 Unified Threat Management (UTM) Appliance Series as it does.

Do we still need endpoint security in the shadow of more powerful network layer security controls? Take HP's aforementioned product, which does indeed come with anti-malware controls plus denial-of-service (DoS) attack protection, plus optional services such as anti-virus, anti-spam and URL filtering capabilities. The consensus argues that yes, we mostly still do need user endpoint security at whatever level we can bring it to bear; but it must work in harmony and unison with the wider strategy for this new and more intelligently designed network and data center structure currently under construction.

This is happening. Not everywhere and not at every level. But a network architecture security handbook should be on every CIOs Christmas list this year. Until we get there, wear a hard hat.

•   •   •

This post was first published on the Enterprise CIO Forum.

More Stories By Adrian Bridgwater

Adrian Bridgwater is a freelance journalist and corporate content creation specialist focusing on cross platform software application development as well as all related aspects software engineering, project management and technology as a whole.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
Providing secure, mobile access to sensitive data sets is a critical element in realizing the full potential of cloud computing. However, large data caches remain inaccessible to edge devices for reasons of security, size, format or limited viewing capabilities. Medical imaging, computer aided design and seismic interpretation are just a few examples of industries facing this challenge. Rather than fighting for incremental gains by pulling these datasets to edge devices, we need to embrace the i...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
Fifty billion connected devices and still no winning protocols standards. HTTP, WebSockets, MQTT, and CoAP seem to be leading in the IoT protocol race at the moment but many more protocols are getting introduced on a regular basis. Each protocol has its pros and cons depending on the nature of the communications. Does there really need to be only one protocol to rule them all? Of course not. In his session at @ThingsExpo, Chris Matthieu, co-founder and CTO of Octoblu, walked through how Octob...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, discussed the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports.
SYS-CON Events announced today that Catchpoint, a leading digital experience intelligence company, has been named “Silver Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Catchpoint Systems is a leading Digital Performance Analytics company that provides unparalleled insight into your customer-critical services to help you consistently deliver an amazing customer experience. Designed for digital business, C...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
In his General Session at 17th Cloud Expo, Bruce Swann, Senior Product Marketing Manager for Adobe Campaign, explored the key ingredients of cross-channel marketing in a digital world. Learn how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects).
Things are changing so quickly in IoT that it would take a wizard to predict which ecosystem will gain the most traction. In order for IoT to reach its potential, smart devices must be able to work together. Today, there are a slew of interoperability standards being promoted by big names to make this happen: HomeKit, Brillo and Alljoyn. In his session at @ThingsExpo, Adam Justice, vice president and general manager of Grid Connect, will review what happens when smart devices don’t work togethe...
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
"Tintri was started in 2008 with the express purpose of building a storage appliance that is ideal for virtualized environments. We support a lot of different hypervisor platforms from VMware to OpenStack to Hyper-V," explained Dan Florea, Director of Product Management at Tintri, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 7-9, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and E...
SYS-CON Events announced today that Linux Academy, the foremost online Linux and cloud training platform and community, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. Industry leaders in quality training, provided services, and student certification passes, its goal is to c...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
In the next five to ten years, millions, if not billions of things will become smarter. This smartness goes beyond connected things in our homes like the fridge, thermostat and fancy lighting, and into heavily regulated industries including aerospace, pharmaceutical/medical devices and energy. “Smartness” will embed itself within individual products that are part of our daily lives. We will engage with smart products - learning from them, informing them, and communicating with them. Smart produc...