Wednesday, September 23, 2015

Data-centric Security: The New Must Have


Where is your data right now? The explosion of cloud computing and consumer IT means that your data, as well as data about you, can be virtually anywhere.

Having your data and the data about you virtually everywhere is, in fact, key to the cloud computing business model. This means that traditional security concepts that focus in depth on infrastructure defense no longer apply. No one knows and understands this more than Dell’s Brett Hansen, Executive Director, Dell Data Security Solutions.

At Dell Peak Performance, held this year in Las Vegas, NV, Brett and other Dell Security leaders offered key insights about security trends and customer needs. While there, I had the opportunity to interview many Dell executives and business partners on the important IT security specific challenges being faced today by Dell customers. They were also able to provide their own vision for the future of cybersecurity. In this article, I share my conversation with Brett.

Kevin: Brett, thank you for taking the time to meet with me today. Could you please describe for me your role at Dell?

Brett: Sure Kevin. I’m happy to speak with you today. I currently lead the Endpoint and Data Security business for Dell. Although it’s a relatively young business unit, it focuses on securing our customer’s most important asset, their data that exist on end point devices.

Kevin: That is a very critical aspect of any business as cloud computing has grown in importance. From your vantage point, what has changed in the cybersecurity marketplace over the past 12 months?

Brett: Over the past year, we have seen a major sea change in how people work across all industries. Cloud computing, mobility and teleworking have all combined to drive us outside of the four walls of an office in the performance of what we have normally referred to as “work”. This also takes us outside of that corporate network core environment. This transformation has introduced new risks for our customers. They are now balancing regulatory compliance and increased IT security needs with an equally important imperative of providing a non-obtrusive work environment that empowers productive workers. This challenge is exacerbated by the growing population of millennials, supplemental workers and contractors within the workforce. These requirements creates a new working paradigm that embraces the productivity and mobility of a modern workforce in a way that also provides security, risk mitigation and business success.

Kevin: Embracing this new paradigm has physical, personnel as well as cybersecurity challenges. With that said, what is the number one cybersecurity challenge facing the marketplace today?

Brett: The myriad of capabilities that need to be deployed in order to address cybersecurity challenges defy a single answer, but one area I would like to focus on today is data encryption. When operating in this new working paradigm, enterprise data is no longer relegated to a single device housed within an enterprise controlled environment. This operational reality will expand as organizations become more open and the unimpeded flow of information becomes more critical to business.
The dramatic growth in enterprise use of public clouds like Dropbox, Box, One Drive and Google-Drive reflect this change. Companies and end users are rightfully embracing opportunities to work smarter, faster, collaboratively and more efficiently. At the same time, however, these opportunities are creating great risk. As the expanse of data movement grows, the enterprise’s ability to control and protect that data increasingly diminishes. Simultaneously, the data itself is becoming more important because it carries intellectual property, employee information and customer data. This is why our customers, both large and small, consistently ask us to help them embrace this new modern workplace paradigm without creating undo risk for their businesses. In short, they are saying, “Help me protect my data.”
Dell’s Brett Hansen at Dell Security Peak Performance 2015 

Kevin: IT security has been mostly infrastructure-centric. Today you are talking about a data-centric protection approach. How does Dell plan to help its customers navigate this different approach in implementing IT security?

Brett: Infrastructure-centric is a great term for describing the traditional approach to IT security. For years when people have talked about protecting data, they’ve equated the concept to how banks protect our money. In protecting your money, banks use locks, security cameras and armed guards to keep the money in one place — the bank vault. That approach, however, won’t work if the money needs to move or flow. Today’s modern economy depends on the ability of money to flow and the velocity of that flow improves the business of banking. It’s no different when you’re talking about data for a modern business.

Kevin: At Dell Peak Performance we heard that enterprises have suffered over$600B in cybersecurity losses this year against just a $200B investment to protect against these losses. What should senior decision makers and IT professionals learn from this statistic?

Brett: This is a lesson for the IT department as well for every CEO. In the past, cybersecurity has been considered a side conversation, but, today, it is a key element of just about every aspect of a company’s operations. That makes it a true business imperative. As companies build their product development, human resources and operations strategies, they must address cybersecurity as a key component of these central business decisions.

Kevin: With respect to cybersecurity, do you have any industry specific insights that you can share?

Brett: Every industry is affected by the cybersecurity challenge. This has become a reality over the last 5-6 years. In health care, for instance, rich media and broadband access has combined to enable doctor-to-doctor international collaboration. While this capability can clearly save lives, it also presents challenges to IT professionals who are tasked with meeting privacy and security mandates imposed by regulatory requirements like HIPPA. Manufacturers, on the other hand, with a very different information technology heritage, are now facing similar cybersecurity challenges when it comes to the protection of intellectual property. The manufacturing industry is actually playing catch up to some other industries as they work hard to improve IP related data protection capabilities. The proliferation of multiple device makes this even more difficult.

Kevin: With the FCC now empowered to sue companies that suffer data breaches, legal risks in this area have grown exponentially. Do you have any final comments or specific recommendations for corporate decision makers?

Brett: For too many years cybersecurity has been an afterthought. First, to repeat something I’ve said before, cybersecurity must now be an integral part of many core corporate decisions. Secondly, companies must accept that the old paradigm of locking down, restricting, prohibiting or dictating how information technology is used by their employees no longer works. Your best employees will find a way to get around your corporate dictates in order to get their job done. You must create and deliver IT solutions that balance productivity, accessibility and collaboration in a way that still protects corporate data and information.

Kevin: Thank you for sharing your insights today.

Brett: You’re very welcome.

This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.



Cloud Musings
( Thank you. If you enjoyed this article, get free updates by email or RSS - © Copyright Kevin L. Jackson 2015)



No comments: