Mind the gap
It’s Wednesday afternoon and your company has just announced a comprehensive new line of financial products. Things are going well. Inquiries have been coming into your call center and customers are posting favorable comments on your company blog. The last thing you’re thinking about is someone breaking into your customer data and trying to steal credit card numbers. But that’s happening right now — malicious code has penetrated one of your systems and is about to “phone home” to a server on another continent for further instructions.
Welcome to the connected world, where technology is rapidly transforming the way we live and work — and the way we must deal with security threats.
Embracing transformative technologies such as cloud, big data and bring-your-own-device (BYOD) mobility helps enterprises inspire creativity and innovation while maximizing efficiency gains. At the same time, the move to a highly distributed, highly personalized computing environment exposes enterprises to complex risk factors in a constantly evolving threat landscape. Increasingly complicated IT infrastructures intensify the need for proactive protection as the volume, velocity and variety of security threats continue to escalate and morph.
For example, according to data breaches analyzed by the Verizon RISK team, 75 percent of the breaches were considered opportunistic attacks, with 76 percent of network intrusions exploiting weak or stolen credentials. Also, the proportion of breaches that used social tactics such as phishing was four times higher in 2012 than in the previous year, with the increase being attributed to the widespread use of these tactics in targeted espionage campaigns.1
Now visualize this: strong, proactive protection that is easy to deploy and manage in a highly distributed computing environment, where everything — including infrastructure, information, devices and applications — talks to everything else. This is no longer blue-sky thinking. Dell Security is designed to deliver on this vision with a portfolio of solutions that span four pivotal, interrelated areas: data and endpoint security, identity and access management, network security and security services.
Closing security gaps
Today, enterprise data resides in myriad locations — on-site, virtualized or in the cloud — and users need to access it anytime, anywhere, from any device. In many organizations, however, security for users, devices and infrastructure is still being managed in silos. Disparate tools may not work together smoothly, if at all. Dealing with rapidly evolving security threats in a complex, highly connected world requires a fresh, interconnected approach.
Dell Security mitigates risk by providing a comprehensive lifecycle approach that covers the enterprise from endpoint to data center to cloud (see figure). Dell Security enables organizations to knock down silos that leave organizations exposed to security gaps, which can be exploited and hinder efforts to reduce security-related risks. Moreover, decreasing the number of disparate solutions boosts efficiency and minimizes costs. This connected approach also helps simplify the process of security oversight and governance so IT groups can effectively combat both internal and external threats — while helping ensure that security measures do not stand in the way of conducting business.
Dell Security: Lifecycle approach that protects from endpoint to cloud
Dell Security heightens the effectiveness of security management by enabling IT staff to respond promptly to security issues before they affect the business. Common-sense reporting spans the network and infrastructure, helping lower the risk of missed problems or threats — and saving precious time. As well, the approach enables IT to unify the patchwork of security tools and processes to minimize the complexity of managing security and compliance. (For more information, see the sidebar, “Leading by example.”)
Leading by example
Every year, Security magazine recognizes top executives who have positively affected the security industry, their organization and their peers. The executives are nominated by their colleagues, and they are selected based on their leadership and the overall impact of their security initiatives. The magazine named Michael Dell one of the Most Influential Security Executives for 2013.In recognizing Michael Dell’s leadership, the magazine cited the role of Dell’s converged, connected core approach to advancing enterprise security. According to the magazine, “Dell’s security vision is one that sees the need to shift our paradigm from reactive technologies to more integrative solutions that deal with the variety and complexity of the threats poised against us today. The time is ripe for a more coordinated, connected approach to security, enhancing our contextual awareness as we do battle, leveraging the richness inherent in the data stores of these historically siloed solutions. Not only does Dell now offer his customers end-to-end IT solutions, he’s overlaying across that infrastructure commensurate security solutions that will no longer operate in isolated silos.”
Building a connected foundation
The Dell Security solutions portfolio spans the IT spectrum — from endpoint to network to identity to security services. (For more information, see the sidebar, “4 pillars of protection.”) The real value of these protective capabilities comes from how Dell brings these solutions together and merges their intelligence so that they work within a cohesive, unified framework.
Connect security to infrastructure
Dell believes that embedding security natively into hardware is one of the most proactive measures enterprises can take with security. Accordingly, Dell hardware rolls off the assembly lines with embedded security capabilities, such as signed BIOS, Federal Information Processing Standards (FIPS) Publication (PUB) 140-2–certified Trusted Platform Module (TPM), hardware protection of end-user credentials and IT-friendly data-centric encryption. In fact, Dell offers the world’s most secure business PCs with industry-leading endpoint security solutions that include comprehensive encryption, advanced authentication and leading-edge malware protection.
Connect security to information
Dell Security solutions work together to gather, analyze and report on information from disparate systems, providing active information protection from endpoint to cloud. Combining information from Dell solutions with threat intelligence from Dell SecureWorks information security services and from Dell SonicWALL helps enterprises detect, protect, respond and even predict threats before they impact the organization.
For example, consider a Dell SonicWALL Next-Generation Firewall that has detected malicious activity from a device. Dell envisions a scenario in which the firewall contacts the Dell identity and access management system and users who logged in to that device, informing them that the activity should be treated as suspect. The Dell SecureWorks command center continuously monitors threat alerts from a worldwide network that includes Dell firewalls, leveraging the global threat visibility to deliver early warnings and actionable security intelligence.
Connect security to other security solutions
Dell connects its security solutions with each other and with security services, enabling each solution to be context-aware. Also, this connection facilitates the enforcement of policy-based management to provide a proactive and efficient response. Dell Security is designed to eliminate the silos between users, data, networks and services.
An example of this Dell vision is a scenario in which Dell SonicWALL Next-Generation Firewalls are integrated with Dell Data Protection | Encryption solutions. In this vision, the firewalls would enforce that data is encrypted and protected on the endpoint before they allow the data to be sent to the cloud. The firewalls also could check that endpoint management is installed, that configuration settings are correct and that patches are up-to-date before allowing users access to the internet.
4 pillars of protection
Dell Security solutions span four areas that are essential to business assurance in the real world. These solutions are designed to avoid security silos, enabling comprehensive protection across data, endpoints, users, the network and services.
Data and endpoint security. At the endpoint, data at rest is encrypted, and devices are embedded with protection capabilities. Dell solutions are designed to prevent data loss across the entire business, regardless of device or location, and to ensure tight protection for desktops, laptops and other endpoints — all while safeguarding user productivity.
Identity and access management. Dell solutions for identity and access management help improve visibility into who has access to vital information assets. Administrators can centrally control and monitor privileged accounts, as well as automate mandatory identity-management tasks that must be performed on every system. These solutions enable users to be governed, audited and managed with exceptional efficiency.
Network security. Dell next-generation firewalls deliver a wide range of capabilities designed to secure the boundary without sacrificing user productivity or network performance. Secure remote-access solutions allow enterprises to extend the network to off-site employees and extranet business partners. Dell email security leverages multiple threat-detection techniques as well as worldwide monitoring.
Security services. Dell security services address threats that require deep expertise, tools and techniques that some organizations may be hard-pressed to attain on their own. Offerings include managed security services that provide 24x7 protection, counterthreat intelligence, incident response, and security and risk consulting. These security services are provided by a large, dedicated team comprising some of the most proficient researchers in the industry.
Embracing a connected strategy
In the past, organizations achieved a high level of security when data was kept inside the enterprise, barricaded by mainframes and firewalls. Now, thanks to transformational technologies and paradigms such as big data, cloud computing and workforce mobility, data is everywhere and the perimeter has disappeared. That’s the heart of the challenge.
Dell Security is designed to bring order to today’s complicated, fragmented security landscape, overcome evolving cyberthreats, advance operational efficiencies and help ensure compliance. But perhaps most importantly of all, it enables enterprises to confidently adopt transformative technologies to achieve business results they could only dream of a few short years ago.
Michele Kopp is a director of global security solution marketing at Dell.
Download a PDF version of this article here.
1 “Verizon 2013 Data Breach Investigations Report,” by Verizon RISK Team, 2013, verizonenterprise.com/DBIR/2013.
Dell, SecureWorks and SonicWALL are trademarks of Dell Inc.