At the VMworld conference in Las Vegas this week, VMworld CEO Pat Gelsinger used his time on the keynote stage to outline the five key elements that enable cybersecurity.
"When we think about security, it's really a simple assignment - protect the apps and data," Gelsinger said.
While the assignment might sound simple, the challenges are complex and growing in an increasingly mobile world where the attack surface is expanding and more data is shared than ever before. Gelsinger also noted that there is a tremendous amount of complexity in terms of solutions as well, with hundreds of companies and services all offering their own take on how to defend an organization.
"Over $100 billion a year is being spent on security and the cost of breaches is growing," Gelsinger said.
Gelsinger told the keynote audience that, as IT leaders, their job is to make all the different parts work, even as the complexity grows.
"Fundamentally we the tech industry have failed you the customer," Gelsinger said. "It is simply too hard, too complex and breaches are growing far too fast, we need a new approach."
Part of the new approach that Gelsinger advocates is a return to what he called the basics. Just like a great sports team that practices the basics over and over again, he said the same needs to occur with IT security.
"Every major breach in the last few years would have been dramatically reduced or entirely eliminated if simple cyber-hygiene policies were followed," Gelsinger said.
The five pillars of cyber hygiene are:
Least Privilege - Unless a user is explicitly granted access, they should not have access.
Micro-Segmentation - Carving up a network into multiple layers to protect data.
Encryption - With encryption in place, Gelsinger said that an attacker will only get a 'bag of bits' and not the key to go with it.
Multi-Factor Authentication - If you phish my password, you got nothing unless you have that second or third factor, Gelsinger said.
Patching - Simply by patching, known exploit vectors can be prevented.
"To us, these are critical things that we as an industry have to get back to the basics and we have to make the basics easy to do," Gelsinger said.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.