Don’t Let Security Shelfware Sink Your Battleship

Don’t Let Security Shelfware Sink Your Battleship

This post was originally published on this site ---

VMware is a platform company. It offers strategic platforms to build everything else on. SDDC, for instance, is foundational for private, hybrid and public clouds in the Enterprise. Workspace ONE is a strategic platform for managing the swarm of devices and humans across the enterprise. When we’re talking platforms and strategy, that’s where intrinsic security, built right into the foundation of the solution, becomes so effective.

This is important because there is a technology arms race going on 24/7. It is here, amid the fear of being caught off guard by distant and hidden enemies that the urge to buy the latest and greatest bits of tech is at its strongest. The problem is that when enterprises are caught up in this battle, they may select multiple security solutions based on what they perceive the current threat to be, rather than choosing a platform that enables them to adapt to the changing threat landscape.

Security Shelfware

In 2015, Trustwave commissioned a report into Security Shelfware and they discovered that 28% of enterprise security products are underutilized. This isn’t a new problem though. Here’s an example that makes even my Betamax collection look sensible:

In the early 20th century, the British Royal Navy was the most powerful military force in the world, dwarfing all other navies. To ensure it stayed dominant, in 1906 it unveiled a piece of technology that overnight made every other naval ship in the world obsolete: HMS Dreadnought.

Dreadnought combined so many military innovations, such as a uniform main battery of guns, steam turbines, electrical signaling, and advanced armament, that it was literally in a class of its own. It sparked an arms race that arguably contributed to the First World War.

The problem with the Dreadnought class of ships was that while they had enough amazing technology to answer every naval question, it didn’t turn out to be of any strategic use. The key reason for this was that the next war, The Great War of 1914, was mainly fought on land. This required a completely different type of innovation and prompted the development of tanks which really did have an impact on that conflict.

In the 1920s, the last of the Dreadnought class of ships were scrapped, barely 15 years after they had changed the world. They were simply the wrong tool for the job.

Security Shelfware

There are some concepts though that transcend individual solutions. Dreadnought had thick perimeter armor, effective communication systems, and 360-degree visibility. These were foundational security concepts that are still in use in Battleship design today, and that’s because they’re effective, regardless of the threat landscape.

A true platform enables additional security capabilities to be provisioned as the threat landscape changes while ensuring that the base platform provides full visibility and defensive capabilities. VMware’s NSX solution is a great example of this. One of its key strengths is the ability to microsegment network traffic and put layer 4 firewalls around each virtual machine. Another capability comes from VMware AppDefense, another security solution that enables application behavior analytics built right into the hypervisor.

When it comes to having a platform to manage and secure devices and users outside the traditional network, that’s where VMware’s EUC solutions fit in. Workspace ONE is a true multi-ecosystem platform. Whether iOS, Android, macOS, Chrome OS or Windows, Workspace ONE provides rich security controls and policies. Foundational and intrinsic security features such as Device Management, Application Management, and reporting are built directly into the platform. For example, the ability to perform an enterprise wipe on any ecosystem, or the capability to secure applications even on unmanaged devices are right there and ready to use.

But it’s the extensibility of the platform that sets it apart.

We are working with our leading Workspace ONE Trust Network partners to allow dedicated and industry-leading security providers access to the data and intelligence aggregated into Workspace ONE. This means that as the threat landscape changes, Workspace ONE will be able to integrate and work with the security provider that best matches your requirements.

A great example of VMware’s security platform components working together is with the combined capabilities of VMware NSX, VMware AppDefense and VMware Workspace ONE. With NSX, an individual user can access only resources aligned to them. The transparent security controls put around this user means that their application session, even if it is originating from an external location, is firewalled, segmented and isolated from non-authorised resources and services. VMware AppDefense ensures that even if an application vulnerability is exploited, a malicious or compromised application can do no harm, as it is either remediated or suspended until it’s fixed. These capabilities, along with the insights and automation for devices and users provided by Workspace ONE Intelligence, means that enterprises can be reassured that they have a firm foundation to build their security capabilities onto.

HMS Dreadnought was an awesome technological marvel. However, it was designed to fight past battles and it just couldn’t be adapted to the changing landscape and the challenges faced at the time. It, therefore, became the ultimate in shelfware, a costly venture that looked good on paper but ultimately provided no value.

Information Security is changing more rapidly than any other area of IT. It is easy to make mistakes when choosing a security solution that doesn’t allow you to adapt to changes in the threat landscape. VMware Workspace ONE provides the best foundation and adaptability for your security needs both now and in the future.

If you’re interested in trying out VMware Workspace ONE, make sure to visit our Hands-on Labs!

The post Don’t Let Security Shelfware Sink Your Battleship appeared first on VMware End-User Computing Blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.