VMware advocates security built around infrastructure
Security sprawl is creating complexity for security management, RSA conference hears
VMware believes a security focus on applications rather than infrastructure can help organisations turn the advantage from attackers to defenders.
With a broadening portfolio of software-based solutions that span the cloud to the end user, VMware is making security intrinsic to the infrastructure so customers can lock down known good behaviour of applications and reduce risks.
These offerings were on display last week at the RSA Conference in the Moscone North Expo.
“Security, for the most part, is not working,” said Rajiv Ramaswami, chief operating officer, products and services, VMware. “Applications are more distributed, deployed across multiple private and public clouds, using many different types of infrastructure and accessed from many different devices. Security sprawl – too many products, agents, and interfaces deployed across an organisation – creates complexity for security management. VMware’s strategy is to remove the complexity inherent with security today and deliver security that is intrinsic from endpoint to cloud.”
As organisations race to implement digital transformation initiatives, they are faced with a complex environment that favours attackers. According to Ponemon Institute, “data breaches continue to be costlier and result in more consumer records being lost or stolen, year after year” with the average total cost of a data breach being $3.86M. At the same time, worldwide spending on security-related hardware, software, and services is forecast to reach $133.7 billion in 2022, an increase of more than 45% over the forecast for 2018, according to IDC.
VMware believes the industry needs to shift from a model centred on chasing bad to one focused on ensuring good, and to focus on applications rather than infrastructure. Because of where VMware technology sits in the infrastructure stack, its products can deliver better visibility into applications and extend beyond the datacentre to help secure employee devices accessing apps and data from anywhere.
At the conference VMware introduced VMware Service-Defined Firewall to help enterprises better protect apps and data on-premises and in the cloud. This new internal firewall solution locks down known good behaviour at both the network and host level to reduce the attack surface.
VMware also unveiled new Workspace ONE security capabilities including a unified threat view dashboard, support for more defence and integrity compliance policies on Windows 10 and macOS, and new automation enhancements, among others. Additionally, VMware announced the company is continuing to work with Carbon Black, Lookout and Netskope on interoperable solutions.