Current IT security must change to protect the new generation of social enterprise, said Enrique Salem, president and CEO at Symantec, today at the RSA Conference 2012.
Salem referred to ‘digital natives’ revolutionising the way business is being done and creating more necessity for better security in the internet age.
“There’s an unstoppable force coming this way, and it’s already hit the security industry like a sledgehammer. Digital natives are completely changing how we think about work, business and security. We must understand this new generation and build a world that works for them. They’re redefining multitasking. They’re always mobile – a mobile device is the tool they use to connect with everything,” he said.
Salem said that whilst those born in the 90s onwards are a part of this digital native generation, everyone else are ‘digital immigrants’, who are more concerned with security.
“Digital immigrants have a different perspective on mobiles devices and connectivity. They tend to be careful about their identity online, not trusting the digital world to always have our best interests in mind. To digital natives there is no distinction between the internet at work and the internet at home. So whilst there are tremendous benefits to all these connections, there’s also a greater set of vulnerabilities,” he said.
“Most digital natives don’t think about identity and security the way digital immigrants do. Their connections are free and open, and that’s how they like it – that’s the world they work in. It’s important to understand that this type of working isn’t just a subset of the ways business will be done in the future; this is the future of business. More of it will be in the cloud, both private and public, it’ll all be mobile and it’ll all be connected,” he added.
Whilst the positive things these new trends have brought to the IT industry are great, Salem said they also create more security issues.
“We’re already seen how mobile devices and virtual desktops can enhance IT productivity. However, this starts to further stretch the already conflicting requirements on the security profession. We’re being required to offer more services and mobility and access, while at the same time dealing with more requirements around governance and compliance – not to say all the other things we have to do from an IT perspective,” he said.
He added that IT security now needs to come up with something new to protect the masses of information people are placing online.
“I believe that the next generation workplace will need to be wired for social because your employees will be more productive in regards to social enterprise. As we look at what the digital natives are doing, they’re creating a lot of complexity and so our current security model on its own will not get the job done. We need something new and to rethink how we secure the enterprise,” he said.
“More than just bigger and stronger protection, we need to stop being the people that say no, and partner with our user community. We need an entirely new layer of security as connected and mobile as your workforce, and allowing us to maintain strong governance, compliance and control without impeding good work. We need a layer of protection that is wired for social and wired for security,” he added.
Salem also said that it is a new approach, not a product, that is needed to take the IT and security industry forward.
“With this new generation comes new vulnerabilities. Advance persistent threats have become more targeted, and this new generation assumes that the connected world is safe. They place so much information online that we must change how we protect identities, information and interactions,” he said.
“To protect against advance persistent threats we need advanced persistent protection. This is not a product, but a mindset and an approach. This new world cannot be a choice between social and secure; it has to be both. The future is already here and he only way we’ll secure it is to embrace, enable, protect and extend it,” he added.
Sub editor, Ben Rossi is reporting live from the RSA Security Conference, 2012 in San Francisco. For live tweets from the event, follow @ComputerNewsME and #RSAC.
