YOU ARE AT:Telco CloudNFV, SDN deployments driving cloud security to session-oriented awareness

NFV, SDN deployments driving cloud security to session-oriented awareness

Cloud security plans require telecom operators and enterprises to think about total protection processes and take into account software platforms.

Telecommunication operators are increasingly turning towards virtualized platforms in order to bolster agility, reduce costs and better position themselves to compete against new entrants into the space. Many of these new rivals come from web-based backgrounds that rely heavily on virtualization as a core tenant of their operations and use the already established connection links to compete against telecom carriers.

However, before telecom operators can follow the path into the cloud, steps need to be taken in order to ensure such moves do not open up legacy network operations to security issues. If telecom networks have been known for one thing, that is their robustness in the face of potential security threats.

Perry Price, CEO, president and co-founder of Revation Systems, touched on a number of issues challenging security providers as they look to help the telecom space keep control in cloud deployments.

RCR Wireless News: What impact is the growing use of cloud for storage of sensitive data and in support of analytics by telecom operators having on security platforms designed to protect that information?

Perry Price: Security platforms come in a multitude of solutions designed for specifically handling key components. For example, application security focuses on specific application security requirements versus network security. Protecting data at rest has historically been the responsibility of the database applications, but now detecting and analyzing threats across all these layers is a fundamental requirement. In addition to understanding detailed audit trails for any exposure of any data type to any type of user – whether they be an end user, administrator or auditor. Therefore, the impact requires carriers and enterprises think about the total solution around data in transit, at rest and when data is exposed to what users for what reasons as well as be able to report on it across the entire layers of responsibility.

RCRWN: What is being done to combat distributed denial of service attacks, data breaches and authentication challenges in cloud environments?

Price: The internet is clearly broken when it comes to security. If any user from anywhere in the world can visit your application, website or network with the intention to be malicious or harmful, then there is a fundamental need for a new model. Today, we are starting to invest in what we call the next layer of network security. In order to combat these threats, the edge of your internet connectivity must become session aware. Session-oriented networking will enable a new paradigm that authenticates, routes and automatically encrypts unencrypted data when necessary. Providing session-oriented activity at your edge will deny unauthorized users from attempting to harm your network or applications.

RCRWN: What impact is increased use of network virtualization technologies like network functions virtualization and software-defined networking having on cloud security platforms?

Price: The impact is increased cost and more complicated scale issues, which is why we are leaning away from SDN-WAN type technologies and moving towards the session-oriented awareness mentioned earlier. Becoming session aware will enable us to leapfrog beyond some of these legacy approaches.

RCRWN: How much work does Revation Systems do in terms of providing security outside of cloud storage and into the actual connectivity component, with a focus on cellular broadband connectivity?

Price: We do not focus specifically on cellular broadband security or connectivity, but we do provide applications that are device agnostic and provide application-layer security within the applications that we deliver to our customers. These communication applications encrypt all data in transit and at rest with private keys established for every single session. We also track details around who participates in sessions – whether they be an end user, supervisor or system administrator. In addition to application and network security, we are completing SOC2 Type 2 and [Health Insurance Portability and Accountability Act Health Information Trust Alliance] certifications this quarter.

RCRWN: What are some of the bigger challenges still facing the industry in terms of securing cloud platforms?

Price: The biggest challenge is related to the impact of increased virtualization use on cloud security platforms – resulting in routine data breaches within large enterprises and large government entities, where things like credit card data loss is significant. The internet must fundamentally change to prevent these types of unauthorized access.

In addition to changing the internet, all application providers must think in terms of a security-first design approach; meaning, the application itself must be inherently secure prior to safeguarding connectivity with other methods. The combination of these two things, along with the proper certifications, will lead to the next generation of total security.

For more on the topic of cloud security check out the latest RCR Wireless News feature report “Securing the cloud in the age of analytics and software.

Bored? Why not follow me on Twitter.

ABOUT AUTHOR