Addressing data protection, insider threats and advanced malware are among the challenges for Dell’s security division.
Speaking at the Dell Security Summit in Brussels, Tim Brown, executive director of security at Dell Software, said that this was a “good time” to put controls on data that can roam, and he said Dell could see the problem in making implementations, and standards and technology to make it effective, and while this was a hard area to be in, it is worth it and if it can be changed, things will be done.
Speaking to IT Security Guru, Brown said that users were now selecting hardware and choosing to add security, and this gives the company a route to market in terms of executing growth patterns.
He said: “This was an opportunity to utilise a model that makes sense as you get hardware, and many will get security as well, and it gives you a more advanced level of protection.”
In the insider threat space, Brown said that tools do exist and there is success in catching mistakes with data loss prevention, but the malicious insider will not be caught with existing technologies, and we are “way off actually catching people who use classic espionage techniques”.
He said: “The affect that Snowden had was that he was after data and he did not care about how he got it. With hindsight this could have been spotted.
“In Government, you sign your rights away to privacy as any person can be inspected at any time and place, but there are certain practices you can look at and until you do that, the insider threat will be more prevalent.”
He said that where there is intent there is a way, but with behavioural analysis and data analytics, it has the chance to analyse it and make it harder for the insider.
Another area Dell plans to increase its mark in is advanced malware protection. After Dell Venturesinvested $10 million in vendor Lastline last month, Brown recognised this as a growth area.
He said: “We see a lot of advanced malware with our solutions and see what malware does with SecureWorks and triggers on all our other systems. We have information on what the triggers are and on the network via SonicWall.
“We made the investment in LastLine and our endpoint with Dell Protected Workspace can sandbox applications and examine inside the container what is being used by the malware, and the combination gives us a good picture on what advanced malware is doing and it is important to know how to stop it in the future.
“This is a space we are interested in investing in and sharing data on three components – network, endpoint and services, as it gives us different information. We don’t say signature-less as we know you need to receive updates and get to systems and without updates, you are unprotected on day two. We need to find the malware quickly and adapt and protect faster. There are already a lot of great solutions and more to come.”