Category Archives: RSA

RSA Conference 2012… the After

How dare it take me so long to do the follow-up on the RSA Conference. It has been weeks and I should have been better at getting an update out. I will be honest that my goal was to write a blog post after each day, but you know how that goes. Somehow San Francisco got the best of me. I must admit that I had a great time. This time, the conference was different for me. Yes, I got to do booth duty, but I also got to spend time with my fellow vSpecialist security lovers. At the conference were Joe Adams (vJoeAdams), Jim Brigham (@i2speakgeek), Brian Lewis, and Aaron Sanchez-Delgadillo (@aaronesd). We each experienced different sessions of the conference, taking in the components that we thought were most beneficial.

I want to get it out there that the best comment I heard was… “Cloud is like a chicken nugget. It looks good on the outside, it tastes good, but you never really know what is in it”. How great is that? I mean, that is what the entire battle of the cloud comes down to, right? Sometimes I think that people mention that security is their concern regarding the cloud because they think that is what they are supposed to say, but when it comes down to it, I feel like they don’t want to know. Not knowing gives you an excuse and in some cases lets you blame others. It is almost like that line: what you don’t know can’t hurt you. Now I am not saying that people actually say that they don’t want to know. I mean, how would that make them look? I do think that this is what they say to themselves though. Which leads me to the second HUGE thought and conversation that I had at the conference….

Security vs. Compliance… Are you doing compliance, and because you are compliant, do you think you are secure? Now this isn’t a new thought… It isn’t like I came up with it on my own, but I have noticed (after four RSA Conferences) that people still think like this: that because they are compliant or implementing compliance, they are secure. So let’s focus on compliance first. There are always two types of people, right? Those that do compliance for the check mark and those that really believe in what they are doing. The first party doesn’t want to know what is inside the chicken nugget because it tastes so damn good and that is all they know. Then there are those that want to know that there are no by-products in there and even want to know the calories associated with the chicken nuggets. So… which one are you? I mean seriously, do you want to do compliance or do you want to check a box? Now granted, I started this thought process talking about security and compliance, and you can’t necessarily put them in the same bucket, but in reality, performing compliance tends to lead to security (in my opinion). By implementing the control standards and the requirements, you establish a level of security. Of course, that isn’t all you need, but for some, I will take it at this point. Some other great and bad things that I heard at the conference are listed below (wow, did I get some good material for future blog posts):

  • threats move at network speed
  • regulations and laws are rarely wanted in the beginning, but they are needed. For example, seatbelt laws were hated in the beginning and now you never get in a car without putting one on
  • we have a plan for the exploit and for the attack back, but we do not have a plan for defense
  • legislation is necessary but insufficient. We do not have a good plan
  • private cloud is just a public cloud behind a firewall
  • it is the responsibility of the implementer to turn the security switch on
  • provide updates to the clients within 24 hours when there has been a breach
  • passwords are the Achilles heel of cloud security
  • can’t solve problems unless you know the problems
  • business is changing to lower costs, but it ends up increasing security needs

RSA Conference 2012 … the Before

The RSA Conference 2012 officially starts February 27th, 2012. For me, Monday starts with the CSA Summit and booth duty. This is one of my favorite conferences. It is important to understand that the RSA Conference is not like EMC World or VMworld. This is a security conference… and one of, if not the, largest security conferences. This is not a conference about RSA. For example, Symantec’s President and CEO is scheduled to appear Tuesday as part of the Keynote schedule. What a great concept… a conference not just about a company BUT about companies… no, a conference about PEOPLE that are together for a common purpose. People that understand that a world without security is a world without air and water. Security changes everything; not being able to protect oneself from those that want to get us is a risky situation. Users and organizations have a right to understand what options are out there and what is needed to protect their organizations, and the ability to see them all at once is a great opportunity. I am excited to see what is out there and even more excited to talk to the customers at the booth. I promise to get back with a recap. What will I be talking about? What I love to talk about every day. I will be talking about security and virtualization at the RSA booth (make sure you stop by and say hi) and I cannot wait to hear the battles that customers are experiencing directly from the customer. To be able to understand what challenges they are experiencing is so exciting to me.

The theme for this year is “The Great Cipher, Mightier than the Sword”. I love this theme. The RSA Conference Events group always has great themes, but I really love this one because it is based on the beginning. Where did the idea come from? The theme originates in 17th Century France. A religious war was occurring between the Roman Catholic French and the French Protestants. The Roman Catholics were ruling and battling the Protestants in a small town. The Catholics intercepted an encrypted letter from the Protestants. The letter could not be broken until the mathematician Antoine Rossignol deciphered it. The French Protestants were lacking supplies and ammunition and soon surrendered. Rossignol and his son Bonaventure were noticed for the work by Louis XIII’s chief minister, Cardinal Richelieu, who determined secure ciphers and codes to be of incredible value.


Keep Your Enemies Closer : Advance Threat Management

I was recently watching a replay of the CBS 60 Minutes report that originally aired in November 2009 called “Sabotaging the System”. The segment talked about viruses, malware, and hackers that have infected public and non-public networks. These include federal networks such as the US Central Command (CENTCOM) network. In 2008 the malware agent.btz landed on this network. It was believed that the virus found its way in through a USB stick. This virus can see everything on the network and for some reason… they cannot get rid of it. According to the following article, the US military networks still cannot remove the virus from their network.

A USB drive… it was that simple. Hackers will find a way onto a network and for some reason, they don’t want to leave. One option that people initially like to take is to block the USB port, but we all know that making security a roadblock for the users can create more problems. A better option is to use RSA Data Loss Prevention technology to allow only certain USB drives to have access to the system. However, in spite of all this work, blocking and denying… they might still get in. And this is why we employ defense in depth (multiple layers of security). I love the RSA DLP capabilities, but we need to do more than just lock the door. Looking at security without the rose-colored glasses, you will soon find out that if you have something worth stealing, someone will look for a way to steal it, and one layer is not enough. As we like to say… “there are two types of organizations out there… those that have been hacked and those that admit that they have been hacked” (I use this line almost every day).

What does this mean in the long run? It is no longer about the protection, but understanding the threat. The only way to tackle the threat is to understand the threat. Why else did we say, keep your friends close but your enemies closer? How do you do this from a networking standpoint… by monitoring what is happening on the network. We do this by understanding the technology of the malware and its purpose. You can’t protect any of the systems when it’s a new malware and very little, to nothing, is known about it. You need to understand where the attackers are going and what is or is not important to them. The technology that RSA NetWitness gives you… does just that. No more saying “we don’t know when they got onto the network and we don’t know what they took”… because you can see everything on the network. It’s literally like having a DVR for your network – you can watch and play back the activity… all activity on the network. When it comes down to it, not knowing what is happening or has occurred on your network is one of the negative facets of network security. Not knowing means that you will never have the ability to fix any problems, fix any holes, or protect any data, because you don’t know what you don’t know, and that is the worst type of security. The fact is hackers are not going away; as we try to put up barriers here and there, they still find a way in. Imagine your house is burglarized after you set the alarm, locked the doors, bought the dog…. wouldn’t you want to know how they got in? Wouldn’t you want to know what they took or touched? Do you really think you will feel OK if you stand in the middle of your house and just look at what is in eye view and assume that you will find out what went wrong? It doesn’t work that way… you wish there was a camera, you wish you could watch everything – that would help you prepare in case it happens again, because you would know what they know and you could fix that issue.
That is what RSA NetWitness does… it lets you see the threat and it lets YOU manage it.


EMC and RSA… Enabling Virtual Administrators

Every day as I work with virtualization and the components that surround it, I am reminded why I love working at EMC and RSA. Yes, I have the privilege to work with the mother ship, EMC, as well as the security division, RSA, because both virtualization and security are my passion. One of the many reasons why I feel that EMC and RSA are the correct choices when developing your virtual environment is because EVERY… and I mean EVERY product manager of the EMC and RSA products tells me that their role is to “enable the virtual administrators”. Every product that EMC and RSA roll out their doors has, at the core, two things in mind: security and virtualization. EMC and RSA build their products with security at step one. As a person who preaches about security, how can I not love the fact that the company that I work for chooses to build security into the fabric of their products? More importantly, how can I not love the fact that the products are being developed specifically with the virtual administrator in mind?

Simplification of the technology is the easiest way to ensure adoption. Outside of that, the users are just looking for excuses. If you simplify the technology, why wouldn’t someone implement the capabilities? If you break down the silos and give users the things they need to get their job done, why wouldn’t you implement the capabilities? If you enable the virtual administrators, why wouldn’t you implement the technologies that are there to simplify and break down your daily tasks? Are these not the tools that we have been asking for… the tools that we needed?

This blog post isn’t to go through the entire list of integration points or to cover the capabilities; this blog post is to clearly state the obvious… (my stake in the ground)… when you think virtualization, you must think EMC and RSA. I have discussions with customers daily about their frustrations with wanting to move further down their journey to a virtual data center. Customers want to be enabled, and I am here to tell you that EMC and RSA understand that. We understand the pains mainly because we are our own best and worst customer, but built into us, built into our culture, is virtualization and simplification. We work with these technologies daily just like you, and we beg to have the capabilities that make sense. All our solutions, across the board, from the management suite, to backup, to recovery, to storage, to security, are on the journey with you to the virtual data center.


April 7th Webcast – Recap

It has been a while and I am sorry that I have not been able to post the slides from the April 7th Webcast that Sharon Isaacson and I did. It was a great webcast. We had 350+ people register for the event. Everything went really well… the audio, the slides, the demo… everything… it was perfect and I was so grateful to have done it with Sharon. She is incredibly smart and amazing and I am so lucky to work with her. I have learned so much from her. It even provided us with some ideas for sessions at VMworld (now I am crossing my fingers that we get picked). I have provided the slides below for your review if you were not able to register.
