Shaping Tomorrow’s Security Today 4: Advanced Persistent Protection

Enrique Salem welcomes Marc Benioff, the CEO of salesforce.com, to join the discussion and talk about the new perspective of security in the social, cloud-based and growingly mobile enterprise environment.

Advanced Persistent Protection in a nutshell

Basics of Advanced Persistent Protection

To protect against advanced persistent threats, we need advanced persistent protection. And advanced persistent protection is not a product. It’s a mindset, it’s an approach. It’s built around 4 key things:

1. You need a reliable early warning system that allows you to understand when a new threat is potentially going to attack.

2. You need state-of-the-art protection, one that recognizes threats without impacting your users.

3. You need fast remediation – solutions that can move faster than the threat can spread across your company.

4. You need a response plan. Now, this can be an internal plan, but it has to also include outside resources, including law enforcement, because at times they will be required to help with the ultimate solution.

This is our vision for security, and it’s new, it revolves around this new workplace that I’m describing. But what we need is a new secure ecosystem. We’ve been working with multiple partners, including carriers and manufacturers to make this new approach a reality. We’ve been working with VMware, as virtualization is key component of building a lot of these cloud-based systems. And we’re working with them to deliver better security. As an industry, we need to establish security practices around the cloud. We need standard APIs that will allow us to work across all of the different cloud-based services. Today we have interfaces like SAML, OAuth and OpenID. We must go further. What I’d like to do now is I’d like to introduce another guest who can speak about the importance of security in the cloud. So please help me welcome Marc Benioff, CEO of salesforce.com.

Marc Benioff Mark: Good morning everybody.

Enrique: So, Mark, one of the things that you said is there’s been a barrier to the adoption of cloud-based services of security. Tell me more about that.

Mark: Well, I think everyone in this room knows that when you’re a cloud provider like salesforce.com, trust is our number 1 value. Nothing is more important than the trust that we have with our customers. And a critical part of that trust is the security infrastructure.

Enrique: So, Marc, I’ve been talking about this new enterprise, and I talked about digital natives and how they work. They don’t use e-mail the way we have historically; they collaborate more in a social way. So tell me more about what you think, how does the social enterprise impact business going forward?

Mark: Well, you’re right; we are going through a massive transformation in our industry, and that transformation is this move to the world being more cloud, but also being a lot more mobile and a lot more social. And to me what social means, and you and I have talked about it many times, is that everything is going a lot faster, you just see that events happen and things spread, and consciousness happens rapidly. And things are also a lot more open, more transparent, things are more collaborative. Individuals who maybe didn’t have a platform for empowerment and excitement are getting elevated. And alignment has achieved the levels that we have not seen. You see that in the Occupy movement, where they’re able to coordinate their activities through the social paradigm, and not just leaders, you know, like we have in this room, but also leaderless organizations like Anonymous and Occupy and others, who are empowered and enabled and get created through the social paradigm. And the power of all that together, which I call “SOCIAL”, which is speed, open, collaborative, individuals, alignment and leaders (I need something to build to remember it) is transformational. It’s transformational to exactly what we were talking about – the youth and society; but it’s transformational in our businesses, with the social enterprise. Our companies have to learn now how to become new kinds of organizations, because we have these incredible new tools.

Because there is no finish line with security, trust is ultimately the most important thing.

Enrique: So, Marc you and I are both passionate about this new way of working. So how do you balance security and social? Because I’m going to want to put out a lot of information, using corresponding tools; how do you think about balancing security with social?

Mark: Well, the two things that I constantly focus on are trust, which is a different way of doing business, you know, it’s a level of openness and partnership with your users and your customers, that everyone in the organization has to get to a higher level of; and transparency. Everything that happens has to be an open book, no secrets. And that’s the critical part of trust. It’s the yin and yang; they have a symbiotic relationship. There is no finish line when it comes to security, we all know that. Everyone here in this room knows that, you know, we’re holding it all together, but that it’s all a highly dynamic and rapidly changing environment, and that we have to pull it all back together again. And because there is no finish line with security, trust is ultimately the most important thing. That’s my perspective.

Enrique: And I think that makes a lot of sense. So, Marc, we’re already collaborating on solutions together to help secure the cloud and secure a lot of services, so I look forward to continuing to work with you.

Mark: Thanks for having me at the Keynote. Enjoy the conference.

Enrique: So, as we just talked, this new generation of workers, the digital natives, are dramatically changing how we work. So make no mistake about it. They are the sledgehammer of change. And together with the digital immigrants, you and me, we have to look at how we work inside this fundamentally different workplace. This new world cannot be a choice between social versus secure; it has to be both. It has to be wired for social and wired for security. We’ll protect this new enterprise; we’ll provide a pervasive security model, one that protects identities, information and interactions. And we’ll provide advanced persistent protection across devices and across the cloud – because the future is clear; because the future is already here, and because the only way we will secure that future is to embrace it, to enable it, to protect it and to extend it. Thank you very much.

Read previous: Shaping Tomorrow’s Security Today 3: “Wired for Security” Model

Like This Article? Let Others Know!
Related Articles:

Leave a comment:

Your email address will not be published. Required fields are marked *

Comment via Facebook: