A Canalys report published in the last week indicates that the value of the EMEA (Europe, Middle East and Africa) network security market topped $674 million in Q4 2011, up 9.0% year-on-year and 12.8% over the previous quarter. It cited several factors contributing to this growth.
According to Canalys analyst Nushin Hernandez, “Organisations are investing to protect against the rise in denial-of-service attacks. They also have to cope with increasing numbers of personal smart phones and pads that are being brought into the workplace by employees. The need for more integrated solutions has also become paramount; tougher compliance regulations are forcing organisations to deploy broader security capabilities.”
These security challenges are well understood by members of the Trusted Computing Group (TCG), which has been advocating the use of device-embedded security hardware for the past decade. As a member of the TCG, I know that denial-of-service attacks are a constant challenge for network security managers. The threat of a devastating attack is further amplified by devices that are brought into the workplace or used to connect to the corporate network.
The TCG has defined open industry standards that have led to the development of the Trusted Platform Module (TPM) and the Self Encrypting Drive (SED), which have robust security processes embedded in the hardware. They have been joined recently by the Mobile Trusted Module (MTM) to answer the growing threat to devices such as smartphones and tablets.
Bring Your Own Device (BYOD) is an unstoppable trend because of the commercial benefits that it brings to every organisation. However, the threat of data breach increases exponentially if the devices in question are not fully secure, and currently the majority are not. Devices, from laptops to smartphones, tablets and memory sticks, are too often protected by increasingly fragile software, and managed and monitored by software layers that cannot respond effectively to a network attack.
The TPM and the SED offer a higher level of protection than software-only solutions, which are vulnerable both during and after the device is booted. The Mobile Trusted Module, or MTM, also designed to open industry standards agreed by the TCG, will continue the trend towards end-to-end security, again focusing on the known device.
The current MTM is offered as a software application or service, protected against tampering within ARM’s TrustZone and utilising secure storage for keys. Mobile OSs do offer a level of protection, but not nearly what is required for secure applications running on the mobile device. To that end, one can utilise the secure environment offered by Trusted Logic’s Trusted Foundations, which implements what is known as a Trusted Execution Environment (TEE).
When used in conjunction with the TrustZone capabilities of an ARM processor, Trusted Foundations software provides a TEE that is only accessible to the ‘normal’ OS via the standard TEE APIs defined by GlobalPlatform.
Network security managers can build security by design and initialise the TPM installed on more than half a billion laptops, notebooks and PCs by making TPM-protected devices a company policy, including incremental MTM adoption. The TPM is the most robust way of securing devices because the security key and processes are embedded in a chip that is active pre-boot.
This means network security teams can trust the device and the user while using effective network solutions to monitor processes and query the health of the device, checking for malware and other rogue code. The TPM is also a central security element of the Windows 8 OS, while BitLocker for Windows 7 (Ultimate and Enterprise editions) offers full disk encryption by harnessing the TPM in device data-security processes. The TPM can form the trusted base for an intuitive, centralised management platform to activate, manage and monitor BitLocker clients across the enterprise on Windows.
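As an added illustration that is not part of the original article: the device health check described above rests on the TPM's Platform Configuration Registers (PCRs), which firmware and boot code extend with measurements before the OS is running, so that a later tampering of the boot chain changes the PCR values a verifier sees. The Python below simulates that measurement chain and a verifier comparing a quoted set of PCRs against known-good values. The component names, nonce and attestation key are constructed placeholders, and an HMAC stands in for the TPM's asymmetric attestation-key signature; both are assumptions made to keep the example self-contained rather than a description of any vendor's product.

```python
import hashlib
import hmac

# Constructed sample: the boot components a measured-boot chain would hash into
# PCRs, keyed by PCR index. These are illustrative stand-ins, not real images.
GOLDEN_COMPONENTS = {
    0: [b"firmware-v1.2 (constructed)"],
    4: [b"bootloader (constructed)", b"kernel (constructed)"],
}

# Constructed placeholders for the verifier's freshness nonce and the device's
# attestation key. A real TPM signs quotes with an asymmetric key it never exports.
NONCE = b"verifier-nonce-0001 (constructed)"
ATTESTATION_KEY = b"constructed-attestation-key-secret"


def pcr_extend(current, measurement):
    """PCR extend as the TPM defines it: new = H(old || digest), where the caller
    supplies digest = H(measured data). Order matters and nothing can be undone."""
    return hashlib.sha256(current + hashlib.sha256(measurement).digest()).digest()


def measure_boot(components):
    """Simulate measured boot: every PCR starts at all zeros and is extended once
    per component, in boot order."""
    pcrs = {}
    for index, items in components.items():
        value = bytes(32)
        for item in items:
            value = pcr_extend(value, item)
        pcrs[index] = value
    return pcrs


def pcr_digest(pcrs, nonce):
    """Digest over the selected PCRs plus the verifier's nonce (freshness)."""
    joined = b"".join(pcrs[i] for i in sorted(pcrs))
    return hashlib.sha256(joined + nonce).digest()


def quote(pcrs, nonce, ak):
    """Device side: bind the PCR values to the nonce and sign the result.
    HMAC stands in for the TPM's attestation-key signature (assumption)."""
    digest = pcr_digest(pcrs, nonce)
    signature = hmac.new(ak, digest, hashlib.sha256).digest()
    return digest, signature


def verify_quote(reported_pcrs, digest, signature, nonce, ak, golden_pcrs):
    """Verifier side: check signature and freshness first, then compare each
    PCR with its known-good value. Returns (healthy, deviating PCR indices)."""
    if not hmac.compare_digest(digest, pcr_digest(reported_pcrs, nonce)):
        return False, sorted(golden_pcrs)        # stale or mismatched nonce/PCRs
    expected_sig = hmac.new(ak, digest, hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, signature):
        return False, sorted(golden_pcrs)        # quote not from the trusted key
    deviating = [i for i in sorted(golden_pcrs)
                 if reported_pcrs.get(i) != golden_pcrs[i]]
    return not deviating, deviating


def health_check(components, nonce=NONCE, ak=ATTESTATION_KEY):
    """End-to-end run: measure the given boot chain, quote it, verify against the
    golden chain. Returns (healthy, deviating PCR indices)."""
    golden = measure_boot(GOLDEN_COMPONENTS)
    pcrs = measure_boot(components)
    digest, signature = quote(pcrs, nonce, ak)
    return verify_quote(pcrs, digest, signature, nonce, ak, golden)


if __name__ == "__main__":
    print("pristine device:", health_check(GOLDEN_COMPONENTS))
    tampered = {
        0: GOLDEN_COMPONENTS[0],
        4: [b"bootloader (tampered)", b"kernel (constructed)"],
    }
    print("tampered bootloader:", health_check(tampered))
```

The point a network team should take from the simulation is that the verifier never trusts the device's own report of its health; it trusts the key held in the chip, the freshness nonce it chose, and its own list of known-good PCR values, which is why the deviating PCR index is returned rather than a bare pass/fail.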
The successful repulsion of hacker threats in coming years will, I firmly believe, depend on the full-scale adoption by every company, every administration and every service provider (health, finance, social etc.) of TCG standards.
With this combination, hacker attacks can be minimised and IT managers will be able to respond more effectively to criminal attempts to breach network security. The TPM, SED and MTM provide the base for authentication, encryption and device health-checks, ensuring effective management throughout the lifecycle of the laptop, notebook, PC, and soon the smartphone and tablet. This base of known devices should also ensure true compliance and effective reporting because every device and every process is monitored by the management platform.
The evolving data protection law in the European Union means that every organisation will have to report data breaches within 24 hours and at the same time provide a full report to show data protection compliance. The financial penalties for non-compliance are potentially huge – up to 2% of global turnover, and the effect on brand reputation is incalculably negative.