Vulnerabilities / Threats
9/27/2009
11:05 AM
Alexander Wolfe
Alexander Wolfe
Commentary
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

Wolfe's Den Podcast: Trend Micro Takes Security To The Cloud

Eva Chen, CEO and co-founder of Trend Micro, talks about what cloud-computing users should do to secure their data and how her company is itself using the cloud to protect against the explosion of malware.

Welcome to the first in my periodic series of columns focusing on major security vendors. For the launch edition, I sat down with Eva Chen, CEO and co-founder of Trend Micro, to talk about changes roiling the industry. The discussion took place against the backdrop of an arena that's being buffeted by the rising tide of malware. (Click on the play icon right here to access the podcast, or scroll to the bottom to see the full player.)

Chen and I chatted after the panel I hosted at the InformationWeek 500 Conference, "Strategic Security: Maximizing The Business Value Of Your Security Investment." During that session, along with noting user concerns about cloud security, she emphasized how cloud computing is changing the way enterprises approach protecting their resources.

We returned to the cloud theme in the podcast, with Chen mentioning that the top concern repeatedly raised by cloud customers is security. She also pointed out that utilizing cloud resources creates a situation where a user's data, system and network could all be in different places. This, in turn, shifts the security focus squarely to locking down that data. Her advice: "The customer should insist that only they themselves have full access to their data," adding that not even the cloud provider should have such access.

Chan said that users need to go to their cloud provider and make sure their security policies match up. "They should [also] come up with a policy for how they want to secure their own data. For example, a new technology like identity based encryption can be used," she explained. "Customers can encrypt their own data with their identity, and therefore only they themselves can access that data."

Cloud has also been a key enabler for an advance Trend has brought to its own security products. Namely, Trend has moved its library of malware signatures to the cloud. This was done with an eye towards ending the frequent -- and frequently large -- downloads of signature updates common to client-side security programs. Maintaining malware signatures in the cloud allows them to be easily updated and rapidly accessed by end-user security programs.

"Every two seconds, there's a new piece of malware," Chen said. "It's impossible to store all the malware signatures on a tiny netbook. Therefore Trend Micro came up with the smart protection network -- we put all these signatures up in the cloud."

Trend maintains what it calls Threat Reputation Databases, comprised of Web, e-mail, and file threats. These are lengthy lists of phishing pages, spam sources, and dangerous executables. The word "reputation" comes into play because Trend uses a technique called reputation scoring to assess the relative threat, or "reputation" of a suspicious file or Web page. "Therefore customers can have a very lightweight agent on their machine and all these reputation databases in the cloud will provide the most up to date database list of threats," Chen said.

Enterprise Security

The advent of Windows 7 is also changing the landscape somewhat, because of its potent, policy-based security tools. For example, Microsoft's new operating system has features which enforce what apps can be run on individual users' systems and what data they can access.

However, Chen notes that attempts to lock down data, while laudable, won't necessarily be impenetrable when you're talking about enterprises with increasingly large mobile work forces.

As well, increased mobility kills the idea of a tight security perimeter. The upshot, says Chen, is you need to rethink your endpoint: "There's no way you can different between you network and my network. Every endpoint needs to be secure." (This includes USB drives walking data out of the company.)

At the end of the podcast, I asked Chen for a couple of advice takeaways. "Rethink your end-point security, because of all those mobile devices out there, which need to be secure," she said. "Second, secure your Web site. It's outward-facing -- that's where your company's reputation and brand are at risk."

For Further Reading

Trend Micro's TrendLabs Malware Blog;

My NetworkComputing blog: Cybersecurity Challenge: Is Your Network Safe? (Probably Not);

Another NetworkComputing post: Crypto Key Management Is Next Wave In Net Security;

What's your take? Let me know, by leaving a comment below or e-mailing me directly at alex@alexwolfe.net.

Follow me on Twitter: (@awolfe58)

Alexander Wolfe is editor-in-chief of InformationWeek.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9688
Published: 2015-03-05
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.

CVE-2015-2214
Published: 2015-03-05
NetCat 5.01 and earlier allows remote attackers to obtain the installation path via the redirect_url parameter to netshop/post.php.

CVE-2015-2215
Published: 2015-03-05
Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.

CVE-2015-2216
Published: 2015-03-05
SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter.

CVE-2015-2218
Published: 2015-03-05
Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) item[name] or (2) item[customcss] parameter in a w...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.