Security firm Trend Micro has been showcasing its comprehensive suite of Amazon Web Services (AWS) security products at Amazon’s re:Invent conference in Las Vegas. It calls them ” a comprehensive, automated security solution for deployments on AWS”.
We headed over to the Trend Micro booth to chat with Mark Nunnikhoven, resident AWS expert and principal engineer of cloud and emerging technologies, to see what all the fuss was about.
“Security in AWS works under shared responsibility,” Mark told us. “AWS covers up to the operating system, and after that it’s the client’s responsibility to secure it. We help people secure those aspects, and give them advice on how to properly configure the tools that AWS does provide.”
The products on show are Trend Micro’s Deep Security, its security control platform, and SecureCloud, its encryption product, as well as a product focused entirely on AWS security, Web App Security, which is an external vulnerability scanner and penetration testing service.
“It’s a different model from the data centre, where you own everything and you know which team does what,” Mark said. “When you move into a cloud model with AWS, you share that responsibility, and you’re trusting them up to a certain point.”
“AWS are really transparent with that, and they give you a whole load of audit evidence on how they meet world class security standards.”
We’ve had some contact with Trend Micro before: we covered its white hat hacking of the AIS ship guidance systems in October, and spoke to its UK General Manager Simon Young about the threat Britain is facing from cyber-crime. But with AWS’s senior vice president Andy Jassy showcasing his services’ impressive security credentials in yesterday’s keynote, can Trend Micro really add anything?
“AWS’ security credentials are very impressive,” Mark agreed, “but we can help you lock down the operating system and the application, because that’s where AWS doesn’t help. We’ve also optimised our antivirus and security technology to work with AWS.”
So what’s new over at Trend Micro?
“We’ve upped the game for AWS integration,” Mark said. “This week we’ve added additional features to Deep Security, and the big change that really hits home for our customers is that we’ve changed its billing model too, so we now bill as a percentage of real security usage, so we’re helping reduce the impact on your wallet. And for SecureCloud, we’ve announced boot volume encryption for Amazon Linux and Windows instances, so you can fully encrypt your data at rest.”
So what will Amazon’s new releases, AppStream and WorkSpaces, mean for the future of online security? Has the game changed once again?
“With WorkSpaces, when you’re moving user workloads into the cloud, you want to be aware of what the security risks are,” mark said. “Previously the focus was on server security, but now we’re introducing users out into the AWS cloud. One of the premium offerings for WorkSpaces is our antivirus protection, so that’s a solid add – and we’re happy to help users provide that. And you’ll also need to reconsider how you do some points, but we have a full product suite ready.”
Trend Micro has been working with AWS for about two years – but does it really put its faith in Amazon? Are its internal websites run on AWS?
“We’re a huge AWS customer internally,” Mark told us. “Deep Security as a Service is fully deployed on AWS. We have six data centres of our own around the planet, that are world class, but we still chose to deploy Deep Security, all the way from the DWFs back to the databases, on AWS.”
We asked Mark how prepared people really are for the new era of security, as companies scramble to push their workloads into the cloud.
“I think there’s an increasing awareness that they need to be prepared,” he said. “Every day when I’m talking to customers, I’m excited to see that they’re learning more and more. But it’s a constant effort to reinforce education.”
“People are focused on their business. They don’t want to focus on some threat that may happen, the boogie man in the closet. We provide a lot of high level automation, so that you don’t have to worry about security until you need to take direct action.”
Make sure to follow our live coverage of AWS re:Invent, bringing you minute-by-minute updates from Las Vegas.
Image: Flickr (cliff1066™)Leave a comment on this article