Vulnerabilities / Threats
9/27/2009
11:05 AM
Alexander Wolfe
Alexander Wolfe
Commentary
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

Wolfe's Den Podcast: Trend Micro Takes Security To The Cloud

Eva Chen, CEO and co-founder of Trend Micro, talks about what cloud-computing users should do to secure their data and how her company is itself using the cloud to protect against the explosion of malware.

Welcome to the first in my periodic series of columns focusing on major security vendors. For the launch edition, I sat down with Eva Chen, CEO and co-founder of Trend Micro, to talk about changes roiling the industry. The discussion took place against the backdrop of an arena that's being buffeted by the rising tide of malware. (Click on the play icon right here to access the podcast, or scroll to the bottom to see the full player.)

Chen and I chatted after the panel I hosted at the InformationWeek 500 Conference, "Strategic Security: Maximizing The Business Value Of Your Security Investment." During that session, along with noting user concerns about cloud security, she emphasized how cloud computing is changing the way enterprises approach protecting their resources.

We returned to the cloud theme in the podcast, with Chen mentioning that the top concern repeatedly raised by cloud customers is security. She also pointed out that utilizing cloud resources creates a situation where a user's data, system and network could all be in different places. This, in turn, shifts the security focus squarely to locking down that data. Her advice: "The customer should insist that only they themselves have full access to their data," adding that not even the cloud provider should have such access.

Chan said that users need to go to their cloud provider and make sure their security policies match up. "They should [also] come up with a policy for how they want to secure their own data. For example, a new technology like identity based encryption can be used," she explained. "Customers can encrypt their own data with their identity, and therefore only they themselves can access that data."

Cloud has also been a key enabler for an advance Trend has brought to its own security products. Namely, Trend has moved its library of malware signatures to the cloud. This was done with an eye towards ending the frequent -- and frequently large -- downloads of signature updates common to client-side security programs. Maintaining malware signatures in the cloud allows them to be easily updated and rapidly accessed by end-user security programs.

"Every two seconds, there's a new piece of malware," Chen said. "It's impossible to store all the malware signatures on a tiny netbook. Therefore Trend Micro came up with the smart protection network -- we put all these signatures up in the cloud."

Trend maintains what it calls Threat Reputation Databases, comprised of Web, e-mail, and file threats. These are lengthy lists of phishing pages, spam sources, and dangerous executables. The word "reputation" comes into play because Trend uses a technique called reputation scoring to assess the relative threat, or "reputation" of a suspicious file or Web page. "Therefore customers can have a very lightweight agent on their machine and all these reputation databases in the cloud will provide the most up to date database list of threats," Chen said.

Enterprise Security

The advent of Windows 7 is also changing the landscape somewhat, because of its potent, policy-based security tools. For example, Microsoft's new operating system has features which enforce what apps can be run on individual users' systems and what data they can access.

However, Chen notes that attempts to lock down data, while laudable, won't necessarily be impenetrable when you're talking about enterprises with increasingly large mobile work forces.

As well, increased mobility kills the idea of a tight security perimeter. The upshot, says Chen, is you need to rethink your endpoint: "There's no way you can different between you network and my network. Every endpoint needs to be secure." (This includes USB drives walking data out of the company.)

At the end of the podcast, I asked Chen for a couple of advice takeaways. "Rethink your end-point security, because of all those mobile devices out there, which need to be secure," she said. "Second, secure your Web site. It's outward-facing -- that's where your company's reputation and brand are at risk."

For Further Reading

Trend Micro's TrendLabs Malware Blog;

My NetworkComputing blog: Cybersecurity Challenge: Is Your Network Safe? (Probably Not);

Another NetworkComputing post: Crypto Key Management Is Next Wave In Net Security;

What's your take? Let me know, by leaving a comment below or e-mailing me directly at alex@alexwolfe.net.

Follow me on Twitter: (@awolfe58)

Alexander Wolfe is editor-in-chief of InformationWeek.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0993
Published: 2014-09-15
Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file.

CVE-2014-2375
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.

CVE-2014-2376
Published: 2014-09-15
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2014-2377
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag.

CVE-2014-3077
Published: 2014-09-15
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
CISO Insider: An Interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant