- Telefonica Business Solutions

A Telefonica Global Solutions White Paper
Protecting the future_
Understanding the value of security in a digital world.
September 2014
Introduction
“In 2013, organizations
faced many high-profile
and very significant data
breaches, public
disclosures and advanced,
targeted attacks. These
targeted attacks have
evolved beyond traditional
defensive controls;
consequently, security
technologies must evolve
along with the threats.”
Lawrence Pingree, Gartner Agenda Overview
for TSP Security Solutions, January 2014
Enterprise businesses are
increasingly under attack from
hackers and cyber-criminals, intent
on gaining access to valuable secure
and sensitive information or simply
seeking to test and verify security
protection, sometimes only for fun.
New threats emerge regularly as the
battle continues. As recently as
August 2014 the US Homeland
Security office published a warning
about the new “Point Of Sale”
malware dubbed “BackOff”, an
example of the never-ending cycle
of attack and counter-attack.
Gartner, a world leading research
company forecast that in 2013
Enterprises have spent approximately
$67 billion on information security
to thwart this threat.†
Innovative approaches to executing
security crime are not new.
Legendary computer programmer,
John Thomas Draper, (AKA ‘Captain
Crunch’) used a whistle from a box of
‘Cap’n Crunch’ cereal to emit a
2600Hz-tone that allowed him to
illegally access phone landlines and
make calls for free. Often, what
starts as a hobby can evolve into
something far more sinister. Once
motivated by curiosity and an
interest in technology, along with the
subsequent fame for ‘beating the
system’, hacking has now become a
cyber-crime; an industry in itself
seeking financial gain and posing a
terrorist threat.
Terrorists and information thieves
are now highly advanced. Organised
groups and individuals are capable
of bringing down online retailers,
accessing and selling personal data
and infiltrating IT systems. In the
battle to prevent this, governments,
security agencies and Telco
operators are constantly developing,
implementing and reviewing ways
to limit and ultimately eradicate the
effects of this cyber war.
There are tough challenges to face:
how do we physically protect
ourselves from an invisible threat?
Where should we construct our
defences?
Security threats and breaches impact us all in every business sector and we are
having to learn from the experiences. This table demonstrates some of the real
breaches to have recently affected some highly recognisable and respected brands.
2013
Who
Industry Sector
Impact
February
March
September
October
December
Federal
Reserve
Evernote
Win7 Vista
Forum
Adobe
Target
Central Bank
Software
Software
Software
Retail
4,000
accounts
Up to
50m users
200,000
users
Up to
3m users
Up to 40m
customers
2014
January
Who
Industry Sector
Impact
February
April
Yahoo
Snapchat
WPT
Amateur
Poker
League
Forbes
UN Internet
Governance
Forum
Michaels
Business
Acumen
Magazine
IT
Communication
Online
Media
Government
initiative
Retail
Media
81m users
4.6m users
175,000
accounts
Up to
1m users
Up to 40m
customers
Up to 3m
customers
Up to
26,000 users
†Gartner Symposium/ITxpo 2013, Q&A: How is the Digital World Impacting Security? September 2013
2.
1.
Defining
the security
perimeter
When any Chief Information
Security Officer (CISO) considers the
security of their company, they face
the same standard questions:
• What do I have to protect?
• Where is that information?
• W
here do I have to place
the perimeter?
Defining where a company places
its defences and deciding on the
approach to protect important data
is not easy. These tasks have
become so critical and challenging
that increasing numbers of
companies are delegating them
to an experienced security partner.
In fact, telecommunication
companies are seen as the most
trusted organisations to manage
mobile security by 51% of
companies according to Yankee
Group. (Data courtesy of TDIG.)
“As advancing threats, mobility and blurring network
borders continue to plague organizations globally,
requirements for security products, services and
incident response continue to evolve. Organizations
are looking to recraft their core security technology
and service requirements to fill new gaps that have
been identified.”
Lawrence Pingree, Gartner Agenda Overview for TSP Security Solutions, January 2014
3.
In the past, defining the security
perimeter of a company was
relatively simple: a couple of firewalls
with some additional equipment to
protect the servers. Today, however,
this is far from sufficient. Consider
when an employee goes on a
business trip, connects to an open
wireless network and begins a VPN
session. Their credentials, passwords
and even personal documents are
potentially easily retrievable by the
network administrator. This is a very
simple and common example, yet
many more sophisticated attacks
are taking place daily across the globe.
There are three core IT areas where
company security is paramount:
1.1 Network Security
Issues: Complexity, costs
and expertise
Companies storing customer
information must adapt their
security infrastructure to protect
the important data. Currently, almost
70% of companies rely on hardware
equipment alone, following a
traditional security strategy;
shared and virtualised infrastructure
are becoming an option. The formula
is well understood: install as much
equipment as needed on the
premises. NGFWs, UTMs, IDSs, IPSs,
etc, are acronyms that network
administrators and security teams
are all too familiar with. However
when a multinational company is
required to manage expansive and
expensive security infrastructure,
they are faced with a multifaceted
and intricate challenge. The most
important and immediate issues
include complexity, costs and
knowledge (expertise).
1.2 Cloud Security
Issues: Control, sharing
and trust
Multinational companies have
thousands of employees worldwide,
many needing to travel as part of
their role, while sending and receiving
emails and processing confidential
information on the move. They may
be working from an airport or hotel
room by tethering a connection from
their mobile, or in a car park using
free WiFi. These employees are
outside of the company’s traditional
security perimeter and are certainly
facing a security risk.
After all, it doesn’t take much to
become unknowingly infected by
malware, before returning to the
office and potentially infecting the
company’s network.
1.3 Mobile Security
Issues: Privacy, technology
and mobility
‘Bring your own device (BYOD)’
is here to stay. Any device not
managed by the central IT team
poses a risk to a company’s security.
Employees want to use one device
for both personal and professional
use. They may use the same device
to send an internal memorandum
and then to update their Facebook
status. So, what controls are in place
to stop them accidentally sending
confidential documentation to a
person outside the company, or
accidently leaking a new product
on Twitter? The mobile market is
constantly evolving, introducing
new devices every week, discovering
bugs every day, and updating apps
every hour. Therefore protecting the
privacy of the employee, company
data and their personal information
is fundamental.
“On average, 15% of employees are accessing sensitive
data such as customer information, nonpublic financial
data, intellectual property, and corporate strategy from
devices other than work laptops and desktops. So it’s
now far less important to focus on protecting individual
devices the organization no longer owns, or attempting
to lock down the devices that connect to the network,
and far more important to protect the organization’s
sensitive data regardless of device type or location.”
The Future Of Data Security: A Zero Trust Approach
Forrester Research Inc. John Kindervag, Heidi Shey, and Kelley Mak, June 2014
4.
2.
The elements
of security
2.1 Network Security
Network security is a mature market,
based on the capabilities of a SOC
(Security Operation Centre)
that handles all operational work
to ensure effective security
management. Having more than one
SOC can clearly be an advantage,
enabling coverage of different
geographies whilst working in a
federated mode.
Early detection is the key to
keeping network security in good
shape. Using Security Information
Events Management (SIEM) engines,
the SOCs gather and correlate
information from all the devices of
the security infrastructure to draw
a picture of the status of the service,
in real-time. Advanced correlation
engines can handle thousands of
5.
events per second and detect
advanced threats that the devices
cannot detect on their own.
To face the challenges of complexity
and costs, customers should rely on
a MSSP (Managed Security Service
Provider) to manage their security
infrastructure which, via their own
SOCs, can remotely supervise and
oversee all company devices.
This allows companies to benefit
from an efficient network, expertly
managed by a dedicated security
team for a fixed and predictable cost.
2.2 Cloud Security
Cloud-hosted security services are
growing in both use and importance.
Advantages such as not requiring
Capex investment, ease of
equipment deployment and the
ability to instantaneously protect
any device in any location are
making these solutions highly
appealing to customers of all sizes.
Importantly, there are three major
risk factors to consider:
•Web-related threats affect web
browsing, applications use and
social network information sharing.
•Spam represents more than 95%
of the total amount of emails and
can harm employee productivity.
•Distributed Denial of Service
(DDoS) attacks can seriously
damage the infrastructure of an
organisation, often causing major
disruption to business activity.
However, there is now a wide
range of online tools to combat
these threats. Email cleaners are
available to manage spam,
whilst web navigation gateways
control the Internet sites employees
can access without limiting the
information sharing.
2.3 Mobile Security
This is a relatively new threat vector
that is increasing rapidly and there
are a multitude of niche companies
focusing on different aspects and
solutions. Current solutions are most
often an evolution of Mobile Device
Management (MDM) rather than new,
horizontal mobile security solutions.
However, we anticipate that with the
increase in popularity of BYOD, this
trend is likely to change in the very
near future, with highly customised
mobile security services coming to
market. What is clear is that
managing mobile security in the long
term will remain an ongoing challenge.
The mobile market is evolving
incredibly quickly with thousands of
new devices using millions of
combinations of hardware and
software. Protecting all variations of
devices is a huge challenge. Often
more than one solution is needed to
efficiently protect the user from
external risks. Due to limitations on
the operating systems, the four
major platforms (Android, iOS,
Windows Phone and BlackBerry)
often don’t provide the same level of
protection. At present, web
navigation filtering and application
control are two of the most common
solutions allowing enterprises to
keep control of their devices without
harming user experience or violating
employee privacy.
2.4 Cyber Security
(and the new digital threats)
Until recently, DDoS attacks,
information theft and email
spamming were common methods
to damage and disrupt the operation
of a business. Today, criminal
organisations use the Internet as a
lucrative source of revenue. Phishing,
credential and identity theft and
counter-fitting are just a few of the
new threats facing companies, their
employees and their customers.
Whether engaging with a bank or a
retailer (online or high street),
customers expect to be protected
against security threats. In December
2013, credit and debit card details of
up to 40 million customers and
personal information of up to 70
million were hacked from a major
retailer in the US. Providing solutions
to address these real needs is a new
market, and one which is growing at
a fast rate to meet customer
demand. Security providers are
constantly evolving their products,
adding more functionality to protect
companies and their customers.
It is an ongoing race to anticipate,
address and secure customer security.
“Data is the lifeblood of today’s digital businesses, and
protecting it from theft, misuse, and abuse is the No. 1
responsibility of every S&R leader. Hacked customer
data can erase millions in profits within weeks, stolen
intellectual property can erase competitive advantage in
less than a year, and unnecessary privacy abuses can
bring unwanted scrutiny and fines from regulators while
inflicting reputational damage that can last months,
even years”
The Future Of Data Security: A Zero Trust Approach
Forrester Research Inc. John Kindervag, Heidi Shey, and Kelley Mak, June 2014
6.
3.
How can
we help?
We understand the global
complexity of these security dangers
and have the experience to ensure
that your business stays protected
whatever the threat. Our worldwide
solutions give you more than just
security. They provide peace of mind.
Our three families of Security
Services include:
Mobile
Services
Managed
Services
Cyber
Security
Mobile
Security
Vulnerabilities
Management
Cloud
Services
Cyber
Security
Clean
Email
Security Monitoring
Security Device Management
Managed Security Services:
Managed Security Services (MSS)
delegate the management of
security devices and security
incidents of your organisation to an
expert, global team. This team works
with you to identify critical business
assets, evaluate the risks to them,
and subsequently deploy customised
measures to improve your security.
This, in turn, allows you to focus on
your core business.
We have improved SIEM technology
with SAQQARA, a unique Telefónica
development. Using neuronal
7.
Anti
DDoS
networks, statistical analysis and
multiple algorithms, we can detect
periodical behaviours and, using
decision trees, respond in the best
way. SAQQARA feeds back into the
SIEM correlation engine to create an
ever-improving ecosystem.
Furthermore, SAQQARA is compatible
with other SAQQARA-powered
SIEMs, enabling the sharing of
knowledge and intelligence with
regard to new security patterns
which other SIEMs may not yet
detect as an attack.
Cyber Security:
Cyber Security Services act as your
eyes and ears on the Internet,
helping you to identify and manage
the increasing possibilities of digital
threats. Cyber Security gathers
information from different sources
(public, hacking and underground,
partners, etc.) across the Internet
and our own intelligence resources in
order to help protect you against
false information, ID theft, data
leakage, credit card theft and
“hacktivism”. Cyber Security also
provides a vision of the actual
security situation from an attacker’s
perspective of customer assets,
providing support to prioritise and fix
a customer’s security flaws.
Our Local Analysts continuously
engage with you to advise and help
identify potential security gaps that
need addressing.
Web Security Gateway:
The Web Security Gateway (WSG)
service provides a secure experience
to users navigating the Internet from
any location or device without the
need for any hardware, software or
connector. It analyses and blocks
traffic that does not comply
with the company’s security policy
and supports compliance by
imposing web browsing controls
at the internet perimeter.
Clean E-Mail:
Clean e-mail provides e-mail filtering
and e-mail policy enforcement to
help your organisation meet legal
and regulatory compliance
requirements. Features include
filtering, anti-virus/anti-malware and
anti-spam protection, directory
harvest attack protection, file
filtering, archiving and encryption.
Anti DDoS:
The Anti-DDoS Shield is a centrally
managed service that detects and
mitigates Distributed Denial of
Service (DDoS) attacks before they
reach your business infrastructure,
avoiding interruption and potential
harm to your business activities.
Mobile Security:
This combines features from
Managed Mobility, Web Security
Gateway and Cyber Security. Mobile
secure wipe, localisation, dual
persona, secure ID protection, web
and app navigation control are the
heroes of this service.
8.
4.
Contact us
9.
To find out how your business can benefit
from our Security Services, email us
at: [email protected] or visit
www.globalsolutions.telefonica.com/multinational
and complete the ‘Contact Us’ form.
This document is the property of Telefonica Global Solutions.
Any reproduction, distribution or public communication without the
express written consent of Telefonica Global Solutions is forbidden.