F5 Networks, a multinational American company that specializes in application delivery networking (ADN) technology, is of the opinion that the ongoing migration to the cloud computing paradigm, with the emergence of IoT trends, has led to renewed focus on security and greater demand for threat mitigation and data protection. Mohan Veloo, Vice-President, Technology, APAC, F5 Networks, in an interview with Techseen, shares his thoughts on the impact of private, public and hybrid cloud infrastructure on Asian businesses’ security strategy and security posture.
Techseen: Enterprises are seen to largely prefer “private cloud” over public cloud services. What are their apprehensions and what are your reasons for suggesting a “hybrid cloud”?
The benefits associated with moving to the cloud can be realized in both public and private cloud-computing implementations. While in some respects there are greater benefits in public cloud-computing environments — higher cost savings resulting from better economies of scale, for example — there are also benefits such as process optimization and elimination of redundancies that can only be fully realized with a private cloud computing environment.
Private cloud computing implementation gives organizations the opportunity to realize these benefits without compromising on the architectural control required to assure integrity of data, systems, and processes.
One of the advantages of hybrid cloud is the capability to have daily workloads managed and retained on the public cloud platform if there is any excessive workload demand on the computational power of the private cloud environment.
In addition, having services that can be easily orchestrated can simplify processes and support the availability of business applications wherever they sit. Hence hybrid clouds can enjoy the benefits of both private and public clouds.
Techseen: What are the challenges in transforming an entire, existing on-premise datacenter into a centrally managed private cloud?
The complexity of a legacy infrastructure can sometimes make it hard for companies to transform into a centrally managed private cloud. Businesses have made huge investments in on-premise, and usually prefer to maximize this investment. Much justification needs to be made to management to justify moving on from on-premise to the cloud.
According to F5’s State of the Application Report, 29 percent of organizations have attributed slow adoption to the failure to identify a comprehensive identity and access management policy. Another 35 percent admitted to the lack of internal knowledge of the scope of cloud usage as an impediment to adoption.
Techseen: How are threats different at endpoint and online? What solutions does F5 offer for both?
Endpoint security is a strategy for ensuring that a client device does not present a security risk before it is granted a remote-access connection to the network. Endpoint security verifies that desktop antivirus and firewall software is in place, systems are patched, keyloggers or other dangerous processes are not running, and sensitive data is not left behind in Web caches and other vulnerable locations. Endpoint security is an essential function of an SSL VPN.
At F5 Networks’ ASEAN Anticipate 2016, F5 announced the new enhancements to its security capabilities that will give customers industry-leading features that support traditional data center, cloud and hybrid architectures. The enhancements will enable customers in Asia Pacific to more effectively ensure application security, resolve critical app protection gaps and strengthen anti-fraud defenses.
The proliferation of Internet-facing applications has led to pervasive threats on business-critical web services, along with an increase in the sophistication of attacks. The new enhancement will see BIG-IP 12.1 software delivering leading application services with more sophisticated security policies for on-premises and hybrid cloud environments.
The web application defense via BIG-IP Application Security Manager (ASM) is equipped with unique, customizable bot detection methods that enable detailed analysis, and more extensive device ID tracking, to secure business-critical applications with advanced threat protection and visibility over application and location. F5 is the only Application Delivery Controller (ADC) vendor that offers this level of programmability across traditional, cloud, and hybrid architectures.
Techseen: Does the Cloud pose a different security challenge or should enterprises leave the security tackling to the cloud service provider?
Many current security approaches and mechanisms used by cloud providers such as network firewalls, advanced encryption, and other network security tools do not adequately protect against sophisticated app vulnerability exploits, browser-based credential theft, and malware disguised as legitimate traffic. Enterprises are advised to be proactive at ensuring cloud security, make every effort to transition proven policies from the data center to the cloud, and not leave security to cloud app and service providers.
Another area of concern with migrating to the cloud is compliance, regardless of where the app lives. For cloud services, organizations are advised to maintain compliance using effective, proven solutions and audit methodologies they already have in place for the data center. This enables efficiency and accuracy in maintaining adequate knowledge of compliance status, and the remediation of deficiencies within a reasonable timeframe.
The cloud poses a different challenge in security and every party has different roles to play in detecting and mitigating cyber threats. Cloud infrastructure makes security more complex as the traditional network perimeter is no longer enough to protect.
Techseen: With Internet of Things gaining momentum, what kind of threats does IoT pose? How’s F5 Security looking at the scenario?
IoT means more and more appliances connecting and talking to each other. This increases the threat surface exponentially. How do you protect millions of devices, the majority of which may actually be collecting information in the harshest and remotest of environments?
Within each IoT solution will be an application. F5’s security strategy is based around a comprehensive, multi-layered application centric security strategy.
Techseen: There is a new threat, “CEO fraud”, that’s getting some news lately. But it seems to be largely concentrated in the US right now. Do you think APAC too can get infected; or do you think it’s there in the wild in Asia too and not reported yet? Why is the US more vulnerable to CEO fraud than APAC? What solutions does F5 have for CEO fraud?
Cyber attackers are increasingly using fraudulent emails to trick organizations’ employees into helping them achieve their criminal aims. Such attacks succeed because they rely almost entirely on tricking employees into ignoring or sidestepping some very basic security precautions. Educating employees so that they are less likely to fall for these scams won’t block all such attacks, but it should help.
There are many ways to prevent ‘CEO Fraud’ from happening, and one of the important methods is to understand the context within which both user and application exist. Understanding user context involves understanding who, where and what device is being used. Understanding application context is knowing how critical an application is to a company. For example, is it a financial application or is it a simple marketing application? Once you understand user and application context, you need to apply the correct security controls based on your company’s security posture.
Techseen: How does F5 look at the APAC market in its preparedness for security vulnerabilities as compared to the West? What’s F5 doing to bring awareness about the threats?
A trend among companies in the APAC region has been the significant financial investment in detection and escalation measures. This includes the IT department being skilled in auditing, crisis team management as well as improvements in the chain of communication all the way to the C-suite level. This investment should include implementation of technological safeguards, such as application security and security intelligence solutions.
Organizations are delivering more and more sensitive data through applications and employees frequently work from outside the corporate network. The apps they rely on can be anywhere — from private datacenters to the public cloud. The organization now has less visibility and control over the situation. And cybercriminals are taking advantage of this, targeting the identities and apps themselves.
A recent study by Deloitte found that nations whose defense budgets are often low are more vulnerable to cyberattacks than those which have a growing budget committed to cyber security. Singapore has implemented several cyber security initiatives including the National Cyber Security Masterplan 2018 to enhance the security and resilience of critical infocomm infrastructure and the Cyber Security Agency, a national body overseeing cyber security strategy, education and outreach. Likewise, Malaysia has also designed a National Cyber-Security Policy to address similar risks to the nation’s information infrastructure on its march towards a knowledge-based economy.
The fight against cybercrime is an ongoing commitment to improving your IT lines of defense. It is critical that enterprises and nations understand the evolving threat landscape in a mobile world fueled by applications built for every single function. Securing applications is effectively protecting the corporate brand. In this landscape, the quick-thinking and fast-acting companies are the ones that best stand to outpace cyber threats.
At F5, we help companies to detect and mitigate threats with 24/7 expert support, holistic solutions as well as a Security Operation Center. Working together with customers, we collaborate in securing applications and networks.
F5 ASEAN held the Anticipate event to raise awareness and bring companies together to secure businesses. At Anticipate, we gathered industry thought leaders from within and outside F5, who shared how the security landscape is evolving rapidly, and how the traditional security perimeter is no longer enough given the existence of new threats and the rise in application deployments.