F5 Networks looks at the impact mobile, cloud and IoT will have on security strategies in 2016
Editor’s Note: With 2016 now upon us, RCR Wireless News has gathered predictions from leading industry analysts and executives on what they expect to see in the new year.
2016 is predicted to be a year of evolving security threats, as ever more varied and sophisticated attacks focus on consumer, enterprise and service provider targets. Attacks are coming from such a diverse range of sources, including hackers, botnets, cybercriminals and state-sponsored cyberwarfare, that 2016 will see an explosive growth in IT security attack types and targets. Many attacks are evolving beyond simply targeting network infrastructure and increasingly target the applications running on it and the data that reside within them. As attacks continue to evolve, security solutions and technologies from vendors must also evolve in order to detect and prevent attacks, and also to be able to perform forensic analysis on any security incidents that do succeed.
At a macro level there are several major global trends sweeping the IT industry that impact the design and deployment of IT infrastructure and services into 2016; these trends include mobile, cloud and “Internet of Things.” The impact these trends have is to distribute IT systems and resources far outside the traditional scope of the enterprise-owned physical data center, thus significantly complicating user authentication, access control and system security. As the traditional physical boundaries of IT infrastructure disappear, the ability of the IT administrator to know who is using what, with what level of performance and security, becomes harder to guarantee.
In the mobile arena, mobile malware is expected to grow exponentially, given the lax user behavior with respect to device security and simple channels for mass distribution of malware such as third-party app stores hosted in China. Some of the most attractive potential targets are in the emerging mobile payment application sector, as these applications are residing on billions of largely unprotected consumer mobile devices.
As business application access from unmanaged mobile devices becomes ever more prevalent, having detailed knowledge and fine-grained control of which user, on what device, in which location, over what network is authorized to access which application or network resource, with strong authentication of the user, is absolutely critical for enterprise IT security. Mobile device endpoint security, secure remote access, strong user authentication and fine-grained access control must become mandatory for system security in 2016.
Similar to mobile, the IoT trend is creating an explosion of billions of dumb yet powerful devices, the vast majority of which have no embedded security and are connected to high-speed networks. Obviously there is a significant potential for hackers to create vast botnets that could launch enormous distributed denial of service attacks on any target. Countering this threat may require multiple security solutions for both enterprise and service provider; cloud-based DDoS scrubbing services need to become front-of-mind for enterprise, while service providers must extend their scope of responsibility for network security beyond their traditional network boundaries and now consider the end device. This is necessary to protect both their own network infrastructure and the customers residing upon it.
To address this and other developing threats, 2016 will also witness the evolution of behavior-based security analytics, in order to counter the ever more sophisticated malware being coded by hackers to avoid existing security devices and technologies. As hybrid IT architectures push more applications and data off-site and users can access critical business systems from anywhere at any time, the ability to baseline “normal” user behavior and identify anomalous behavior will be of great benefit to the IT professional in securing their distributed infrastructure.
User-based analytics tools can provide early indications of questionable behavior by users, systems and devices, and give InfoSec professionals valuable direction in determining whether there is a security problem that requires attention. This, combined with the deployment of sophisticated Web application firewall solutions, will be critical for application security in the hybrid IT architectures prevalent in 2016. Such technologies should be available in a variety of form factors to suit such architectures, including on-premises and both types of off-premises: cloud-based and cloud-delivered.
Additionally, as more and more of the global Internet traffic becomes secure in the “post-Snowden” era, an increasing number of security partnerships will develop in order to give new security devices and technologies access to the content within encrypted traffic flows for security analysis. Having a high-performance SSL encryption/decryption device that can intercept all inbound and outbound traffic, decrypt it, pipe it through additional layers of security technology for detailed scanning in clear text, then re-encrypt it for onward forwarding is absolutely critical. This was clearly demonstrated by the U.S. Office of Personnel Management data breach, which went on for so long because there was no mechanism in place to scan outbound secure SSL traffic. Nobody wants a repeat of this incident, so powerful SSL offload technologies must be deployed in order to make the CPU-intensive malware scanners cost-effective in encrypted traffic environments.
All in all, with mobility, cloud computing and IoT in full swing, 2016 should be a year of significant innovation for networks, applications and IT security solutions required to make it all work safely.
Robert Healy has 18 years of senior management experience in marketing, product management and business development. By working in a variety of technical roles for service providers and I.T. equipment vendors in Australia, Japan and Hong Kong, Healy has gained solid and diverse experience in Asian culture and business practice. Healy has extensive knowledge of both service provider and enterprise business models and technology spanning OSI Layers 2 through 7. He has been personally involved in the design and deployment of many of the largest and most innovative enterprise and service provider networks across Asia. Prior to joining F5 in 2014, Healy worked at Telstra, Ascend Communications, Juniper Networks and most recently Riverbed Technology, where he spent six years as marketing evangelist for the Asia-Pacific and Japan region. Healy is fluent in written and spoken technical and business Japanese and conversational in Mandarin Chinese. He holds both B.Sc. and B.E.E (Hons) degrees from the University of Sydney, and is a permanent resident of Hong Kong.