Operationalizing your Security with Symantec Workflow

In his first keynote as CEO of Symantec, Enrique Salem presented a new idea entitled “Operationalizing your Security” and talked about one of the tools in the Symantec product set that can do this for you.

I learned a lot as I read through this speech. First, I did not know he was the eighth software developer for Peter Norton Computing. After his first acquisition by Symantec, Mr. Salem left to go work at Brightmail and was once again acquired by Symantec.

As a side note it is great seeing a CEO of a tech company as large as Symantec also being someone who understands and uses technology.

But back to operationalizing your security.

Mr. Salem argues the current way of doing security is not working and backs it up with some interesting stats:

In 2008, we created more than 1.6 million new malicious code signatures. That’s more than we’ve created in the last 17 years combined…

In the 30 minutes that I’m speaking this morning our software will stop nearly 200,000 attacks globally around the Internet.

Scary stats, and Symantec is just one company creating virus signatures. And this will probably only grow more and more.

Mr. Salem lays out how security is being applied today:

  1. Low-level administrators end up being the de facto “policy setters”
  2. Security is done piecemeal
  3. You’ve got silos
  4. Lack of visibility into your risk posture makes prioritization challenging

When I worked as a network administrator for a private bank, this is exactly how the company ran. We ran a competitive anti-virus product that didn’t always update correctly, so I had to run around and make sure the servers were updating and patching, the clients were updating and patching, etc. Even though it was small (70 employees), if the security was operationalized things would have been much smoother and simpler for me.

Mr. Salem defines operationalized security as being “risk-based, information-centric, responsive, and workflow-driven.” He goes on to elaborate on each of the themes, but the key one for me and what I do for a living is workflow-driven.

With the Symantec Workflow product being able to hook into so many products (whether or not they are Symantec products), you can create a process that reacts to the changing world of security. In fact, your process might even become proactive.

Think about it: There is a patch that needs to be applied to correct a zero-day exploit. I have a change management process that accounts for emergency changes. I utilize my workflow process to move through the emergency change process for approval, create the patch delivery jobs, push the patches and log the successful installs/reboots into the change request form. In fact, just in case a patch went wrong, I took a snapshot with Backup Exec System Recovery so I could restore that snapshot to a virtual machine to recover. All done through the power of a workflow process.

Security needs to evolve to the next level; it needs to become a core, process-driven part of any organization.

The PDF where I read the speech is attached: enrique_salem_rsa_2009_keynote_speech_4-21-09

3 thoughts on “Operationalizing your Security with Symantec Workflow”

  1. I work in high-tech for a large hardware company. We often set our sights on making the underlying hardware better in terms of security, and that’s always good. I also advocate internally, however, that we need to help the software and workflow improve, because all the best hardware in the world can be taken down by one bug or an unpatched system. It’s good to see a solid workflow methodology from Symantec, as that’ll make a huge difference.

    …and I still wish people would stop posting passwords on stickies on their monitor, and clicking on attachments from strangers that are showing an unexpected interest in them…

  2. Pingback: Further thoughts on operationalizing your security « A Conservative Techie

  3. Pingback: You’ll Pry My Virus Scanner from My Cold Hands « Finding Ponies in Piles of Poop
