Saturday, March 10, 2012

Symantec CEO, Enrique Salem's Keynote at RSA 2012

I watched Symantec CEO, Enrique Salem's excellent keynote at the RSA Conference on Tuesday, February 28th. Unlike other boring "product pitch" keynotes, Enrique's keynote was a refreshing perspective on the impact of "The Digital Native" entering the workforce.

His talk can be divided into three parts:

1. Definition. What/Who is this talk about

He talked about the Digital Native Generation (born after 1990 and already starting to enter the workforce). We need to understand how they work, think and interact. These folks are always networked, always sharing, always multitasking. They reach across their networks to seek information and solve problems. Hence, they find faster, more effective ways to do business. "Connected" is the air they breathe. They are effectively redefining multi-tasking.

2. What is the problem - given this new phenomenon in the workplace

The line between "business" and "personal" is blurring.

  1. Enterprises need to manage online identities when employees have dozens of them.
  2. Enterprises need to keep track of substantially higher volume of online activity
  3. Employees' expanded use to public/private clouds implies that we won't know where our data resides
  4. Enterprises need to protect information - when the workforce shares freely

This freight train is hurtling towards us. All the ways we conduct business will change. In a sense, we need a "reverse firewall" - that will allow enterprises to keep information in, block when necessary by watching and monitoring outbound flow of data.

3. How do we solve this problem? What are the parameters for the solution?

The easiest thing for an enterprise to do is to "lock down". This will not work because the employees are using these resources to improve productivity.

Any solution will have three components:

  1. Authentication
  2. Authorization
  3. Audit

Need a "Flexible Identity Management" which is established through:

  • Credentials
  • Geo
  • Policy

The system to solve the problem needs to be content aware, intuitive and policy based. Any system needs to work ubiquitously. It has to keep track of who is accessing what, at what level and with what device. All access needs to be recorded - thus monitoring the interaction between people and information. This would create a "Cloud Audit Trail".

Another parameter to consider is that the Administrator's burden should be reduced. They cannot depend on an end user tagging the information. The solution needs to be transparent, but always active - so you always know what information you have and where it is going.

Implementing this solution will not be easy. We need a new, secure ecosystem that will deliver on:

  1. Advanced, persistent protection
  2. Reliable Early Warning System. The state-of-the-art protection will recognize threats without impacting users
  3. Fast remediation
  4. Effective response plan