TMCnet News

Human-centric security [ITWeb]
[September 19, 2014]


(ITWeb Via Acquire Media NewsEdge) We have to remember there is a human in front of the computer. Our approach to security needs to adjust, as our approach to interfaces has changed. What is needed is a combination of psychology and technology, to know what motivates people and what influences them.



Tim Brown, Dell fellow and executive director, security, Dell Software Group, says to be effective, security needs to reward good behaviour and discourage bad behaviour. "Dell's approach is all research-based, a fine balance of engineering and psychology."

He said predictive analytics is the next big evolution in security. "Analytics will be the enabler for many of the advancements in security. A tremendous amount of data is now available, allowing for the independent validation of inputs, such as device identification based on normal patterns of device usage, or a barometric sensor on a mobile device for weather data. For example, if the data on the phone doesn't match the weather, it's an indication that something is wrong, or that they are not in the location they claim to be."

Brown said Dell bought StatSoft, which provides enterprise and desktop software for statistics, data analysis, data management, data visualisation, data mining, and quality control, specifically for this capability and for its data scientists.

Another area he sees as growing is insider threats. "Insider threats will increase as malware becomes less effective. Again, this area requires analytics that understand human behaviour. Is the company dealing with a traitor acting for themselves, doing inappropriate things in their environment, or a masquerader who is pretending to be someone else? Masqueraders are easier to find because, unlike traitors, they don't have the correct access. There are also unaware users, who have no bad intent, but leak data or lose devices and files with company data on them. Analytics can help identify who you are dealing with, and determine intent of access and data moving outside IT's intent/mission."

Another area Dell is relooking at is data classification. "Firstly, classify data based on topics within the content, then protect data wherever it roams and enforce policy on the data, and audit all activity. It's been tried before, but hasn't worked successfully in the mainstream. However, the environment has changed – the mainstream has shifted. It's a good time to revisit data classification, putting protections in place on top of data that will work. This is why encryption is so important to us."

Risk analysis will become part of Dell's security solutions, he says. "This needs to be continuous and interactive based on history, and the environment and security knowledge. What we'd like to do with analytics is have the ability to determine whether the person or the system is compromised."

Another important development is Dell's intelligent integration platform, which determines automated actions, workflow and audit. "This too will evolve. It's not enough to just wipe a compromised or stolen device. The systems of the future will pick up and communicate with mobile data management and identity and access management, and be able to wipe the device as well as kill all connections, permissions and suchlike. In this way, the action on one device could take actions on other systems to improve security."


(c) 2014 ITWeb Limited. All rights reserved. Provided by SyndiGate Media Inc. (Syndigate.info).
