Networking for Change - Network Security: IT Takes a Village

0:01 [Music]

0:08 hey guys today we're talking about cool

0:10 security stuff and how impactful

0:12 security is on our modern ways of life

0:15 security touches almost everything and

0:16 everyone from protecting your mom's

0:19 identity to journalist sources to

0:21 protecting nuclear reactors and it

0:23 really takes a village i'm kate adam i'm

0:25 senior director of security at juniper

0:27 networks and i've asked some of my

0:29 colleagues here

0:30 to join me and share in a discussion on

0:33 what's happening behind the scenes in

0:34 security why don't you guys introduce

0:36 yourselves babette why don't you go

0:38 hello my name is babette jackson i've

0:41 been with juniper for about three years

0:43 i'm an information security analyst and

0:45 my main role is data loss prevention and

0:48 insider threat and to put that simply i

0:51 protect the company's most valuable

0:53 assets from

0:54 leaving the company

0:56 very very important

0:58 uh especially when you consider all the

1:00 intellectual

1:01 intellectual property and innovation

1:03 that goes on in juniper um

1:06 kadar

1:07 hi my name is kedar duru i'm

1:09 the director of product management for

1:11 juniper's

1:12 security infrastructure and platforms

1:15 it's all of the products that we build

1:16 that babette and her team use to

1:19 prevent the most important assets that

1:21 juniper has from leaving our

1:23 organization

1:24 i want to dive right in to the fun

1:26 questions um and talk about something

1:29 that

1:30 is very complex the data center and i

1:33 know

1:34 that calling it the data center is uh

1:37 something that's probably going to irk a

1:38 lot of you guys out there because

1:40 it's not a data center right it's many

1:43 different centers of data

1:45 data resides everywhere and especially

1:48 now that we see more and more

1:50 organizations using not just a public

1:53 cloud but multiple public clouds

1:56 can you guys give your perspectives on

1:59 data center security and

2:01 all the complexities that it may or may

2:04 not involve data center security quite

2:08 simply is about securing data it's uh i

2:12 mean the whole reason you have a data

2:14 center is you have a place where you

2:16 keep data

2:17 originally it used to be

2:19 one building

2:20 that you were able to protect

2:22 now

2:23 exactly not anymore now it's it's it's

2:26 um it's that one building you've

2:28 probably got five others

2:30 uh you you spread that out the reason

2:32 you did that was to build a level of

2:34 resiliency what if one of those centers

2:36 of data went down you at least could run

2:39 your business on the next one or the

2:41 third one and so on from there

2:43 you now have

2:45 public clouds which are nothing but you

2:48 know some other location where you're

2:49 running your applications and your data

2:51 or storing your data so i i look at data

2:54 center security as uh being able to

2:56 ensure that your users can get access to

2:59 the data that they need and at the same

3:02 time you want to be able to protect

3:04 that information from leaving your

3:06 organization of

3:08 as well as

3:09 you want to be able to protect everybody

3:10 that's trying to get access to it so you

3:12 want to know who's getting access to it

3:14 you want to know what they're doing with

3:15 it and you want to know when it leaves

3:16 the organization and for what purpose so

3:19 that's

3:20 in general what data centers are about

3:21 and and data center security is about

3:24 go ahead babette yeah to piggyback off

3:27 of that i believe it's the same thing uh

3:29 for my role and for my job it was part

3:33 of my assignment to understand where all

3:35 our data was where it's coming in and

3:37 where it's going out and understanding

3:39 that data is literally everywhere so in

3:42 order to secure data you have to know

3:44 where the data is but because there's so

3:46 many different applications and because

3:48 there's so many places that that that

3:51 the data is being stored the public

3:53 cloud was just someone else's computer

3:57 it was hard to keep track of where

3:59 everything was going

4:00 so to be able to know where it's coming

4:02 from to be able to know who has access

4:04 to it where it's leaving to where it's

4:07 going to

4:08 just takes a lot of management from all

4:11 sides from your own company from the

4:13 third party companies so just

4:14 understanding is

4:16 the bulk of security of where your data

4:19 is and who has access to it i've heard a

4:21 lot about

4:22 zero trust and defense in depth

4:25 is that are those

4:27 strategies used useful in the data

4:30 center to protect the data

4:32 and how how do you even go about getting

4:34 visibility into

4:36 all of these different locations where

4:38 this data may or may not reside

4:40 um well before something my manager told

4:44 me was the term we were using or phrase

4:46 was

4:47 trust but verify but with zero trust

4:49 it's become completely different

4:51 especially since we've been working from

4:52 home due to covet and all these major

4:55 changes so now people are moving to zero

4:58 trust which is never trust and verify

5:01 so with this it's a completely different

5:04 atmosphere

5:06 because i believe in the idea of

5:08 training and awareness but given the

5:10 fact that we have so many people

5:12 connecting from different places and we

5:15 haven't really inserted cyber security

5:18 in the forefronts of people's minds it

5:21 makes sense to go to

5:23 never trust and verify because at the

5:25 end of the day we just want to protect

5:27 the company's most valuable assets from

5:29 people trying to send it out insider

5:32 threat and the people trying to access

5:34 it so i believe zero trust is something

5:37 that we are pushing forward to and i

5:39 believe that we should continue to do

5:42 yeah so with applications um

5:45 and applications residing in potentially

5:47 multiple clouds at once you know

5:50 microservices

5:52 using containers

5:54 and using different workloads shifting

5:56 workloads from cloud to cloud as

5:59 you know costs get cheaper or

6:02 security controls or automation gets

6:05 better how do we apply zero trust or

6:08 and or defense in depth um on the

6:11 application front so defense in depth on

6:13 the application side you're right it's

6:15 it's it's like the um

6:18 the castle analogy uh a castle analogy

6:20 you uh in terms of defense and depth uh

6:22 you you

6:24 um in order to protect the crown jewels

6:26 that are located in a castle you want

6:28 you want to have that moat and then from

6:29 there you want to have the guards that

6:31 are

6:32 on the towers and then you want to be

6:34 able to have finally a door around the

6:37 crown jewels before anyone can get to it

6:39 that's your application that's your data

6:41 so um you take the same approach to

6:43 application security you want to

6:45 understand that your containers and and

6:48 the image of a container is not

6:50 compromised you want to ensure that

6:52 there are no vulnerabilities in that in

6:54 those packages that you're using then

6:56 you want to be able to understand that

6:58 the person that's writing the

6:59 application that that makes use of those

7:01 containers

7:03 hasn't written any any kind of

7:04 vulnerable gold so you you want to be

7:06 able to test it and then finally because

7:08 you cannot protect everything

7:10 you want to take you want to minimize

7:12 the risk even further but you let the

7:13 machine kind of try to understand what's

7:16 happening in the application know what's

7:17 a good

7:19 good application

7:22 sequence and then when something bad

7:24 happens it it actually at least flags it

7:27 and and alerts you or better yet it's

7:30 good enough to actually block something

7:31 bad from happening thank you guys so

7:33 much for joining me today this has been

7:35 a really delightful conversation

7:37 i love talking about cool security stuff

7:39 so thank you both baba and kadar and

7:42 thank all of you thank you thank you

7:45 [Music]