InTechnology Podcast

#19 – Secure Networking – When IT, IOT, and WFH Collide

On this episode of Cyber Security Inside, Tom and Camille dive into a topic that’s on all of our minds: What does security look like in the new WFH and IOT era? Is it good enough to secure our devices or do we need to be thinking about network security as well? Mauricio Sanchez, Network Security Research Director at Dell’Oro Group, shares his insight.

 

The conversation includes:

•  Shadow IT

•  WFH

•  IOT

•  SaaS

•  Network security best practices for the new era

•  Data leakage prevention

•  Cloud malware

•  Phishing

•  5G

… and more!

 

Plus, they close with some interesting takeaways on tea origins, fire ants, and the astounding number of connections being built in a human baby’s brain every second.

Tune in. You don’t want to miss it.

 

Here are some key take-aways:

•  In this new era of WFH and IOT, it’s not enough to protect our devices. We have to also think about how those devices are talking to each other.

•  With the increase in teleworkers and the departure from the corporate confines, there’s an increase in threat exposure. The distributed environment makes it all too easy for data to be lost inadvertently or maliciously.

•  When experience suffers, people find ways to circumvent corporate security and access the data directly. That’s where new threats come into play.

•  There’s been an increase in attacks from a data perspective against SaaS-based applications. Hackers are realizing that, by cracking a SaaS application, they’re getting access to the same class of data that once lived inside the corporate confines.

•  Once inside, hackers are focusing on distributing malware to get deeper into the corporate ecosystem.

•  The network architecture of the past isn’t conducive to the new trends that have exploded over the course of the last 18 months.

•  All IT teams are now having to participate in the overall security outcome of the enterprise.

•  Enterprises need to treat the internet as an extension of the enterprise network.

 

Some interesting quotes from today’s episode:

“When you look at enterprises and how they conduct their business, what we are seeing is that this work from home phenomenon is here to stay at a much higher level than it was pre-pandemic. And so when you start thinking about that, that then has a number of ripple effects when you think about networking or security.”

“From a network architecture perspective, that classical model of sending backhauling stuff back to the data center and then squirting it back to the internet has a number of problems.”

 

“As enterprises move to a SaaS-based model and rely on third parties, it becomes extremely important to make sure that the network and the IT infrastructure in general plays a role in making sure that the right connections are happening between the right users and the right applications.”

 

“It’s all too easy for a user — really by accident, not necessarily maliciously — to push a sensitive document to the wrong spot in the internet, because all of these are internet-based applications, like One Drive or SharePoint. Then all of a sudden you have a leakage scenario come about.”

 

“They’re now pivoting towards blasting corporate accounts that sit off on Google Suite or Office 365. Once they do crack the password and get access to the data, they’re placing malware on those file shares that looks like legitimate files. And it’s becoming a way to distribute malware to get deeper into the corporate ecosystem.”

 

“From a network architect’s perspective, the world was much simpler before the pandemic, before the ascension of large ranks of teleworkers, before the internet application — because everything was much more contained and monolithic.”

 

“The internet is becoming the enterprise network for a business. And this is a huge philosophical shift for those people that grew up in the age of being able to touch the box, know what fiber the packets were running on, and really own the end-to-end network themselves.”

 

“If a business was predicated on having their employees having to come into the office, and that enterprise wasn’t really internet and remote worker friendly, then they found themselves having to catch up and make themselves a little bit more internet friendly.”

 

“Enterprises have to embrace the SaaS-based because not all workloads are going to come back as proprietary workloads and applications. But there are probably some applications that will be coming back on-prem, which then relieves a little bit of the pressure of having to go full SaaS model.”


Tom G: Hi, Camille, how are you doing today?

Camille: I’m doing well. How have you been?

Tom G: You know, we had the exciting snowfall in the Portland area, which is the first time this year, just a couple of days ago.

Camille: You know, I went out for a walk with my kids. And my daughter came back and she was like, “Oh, it was snow flurries.” And my son said “what’s a snow flurry?” And I realized I actually wasn’t exactly sure. Sure. What the definition of a flurry was. And my daughter just absolutely answered him. Like she absolutely knew what it was. She’s 10. How I make it to my age and not actually be sure what a snow flurry was, technically.

Tom G: (laughs) I, I don’t even know where to go with that. I don’t even, especially in the Portland area where we rarely get snow when we do everything shuts down, but I will tell you, my dog was fascinated. Just sat at the window and watched this white stuff fall from the sky. And, uh, as soon as we let them out to be in it, he was much more interested in staying inside and watching it from a distance than actually being in the snow. But all that excitement aside. What, uh, what interesting security topics are on mind today?

Camille: Well, I’ve been thinking a little bit about as we’re securing our devices, especially as we’re working from home–even trapped in our home during snowfall. Uh, and I was wondering, is it good enough to secure our devices themselves? Or do I need to think about the fact now that I’m sharing a printer with my kids say, and they’re all on the same network, do we need to be considering the network as well now?

Tom G: Well, I think the network’s always been critical for security, um, but the, the sort of demographics, if that’s the right word of the network is totally changing in the past networks were completely controlled. And now you see this almost consumerization of the network, where in the example you said you’re sharing the same printer with your kids. But that opens up an interesting dilemma. Like when you go to hit print, even if it’s a confidential work document, uh, you hit PRINT, now it needs to go in your home network from your PC to the printer. That’s probably not the level of security that existed when you were at your company and you hit PRINT and it goes from your PC to your printer–

Camille: I would never print anything confidential, of course! Let’s get that straight right now on the air.

Tom G: (laughs) Okay. That’s true. That’s true. You would never do that. Uh, but that, that sort of transition as people are working from different places that, that type of networking has changed. And then the other part of networking that’s really changed is, as we have more and more connected devices–maybe they’re IOT devices–those devices are inherently networked together. We’ve been talking about that as an industry for years. Uh, but protecting that network and protecting the data that’s on those devices, it’s not enough just to protect the device.
You also have to think about how those devices are talking to each other. In fact, that’s where a lot of the value comes for those devices is the connectedness of them. So how do you protect the network? And that’s changing. So I think it’s a really good topic.

Camille: Yeah, and I’m interested in how that’s similar or different when we’re talking about. Doing work for a company out of your home versus, um, the connection of internet of things, devices, you know, in an industrial sense.

Tom G: Yeah, there’s a lot going on here. So this is, this is going to be a good topic. It’s a complex sort of multi-variable type topic. So it’s perfect for a podcast like this.

Camille: So we need a networking security expert in here who’s familiar with old school networking within an office building as well as new school, networking with the internet of things and work from home.

Tom G: That’s right. We got to get a good expert here, but I think we’re up for the challenge.
Let’s go for it. Our guest today is Mauricio Sanchez. He is a research director at Dell’Oro Group, leading the Network Security Research Program and the advanced research reports on secure access service edge. He’s focused on strategy and helps shape the coverage of next generation networking architectures and service models.
So welcome to the podcast, Mauricio.

Mauricio: Thank you, Tom. Glad to be here.

Tom G: So I kind of introduced you to the high level there, but I thought it’d be good maybe to have you in your own words, talk about what you do. And some of the interesting challenges that you’re facing.

Mauricio: Sure thing, Tom. So I guess the way that I always like to introduce myself is that I’m a networking geek with a security bent. And, uh, what I mean by that is my entire career has been in networking with a strong security tenor to it. And, um, and so right now I own the security services coverage here at Dell’Oro Group. Which is a quantitative program. So we look at markets and technology segments, and we’d try to decipher the intersection between technology and business to figure out where things are in terms of business and technology, but also try to forecast where things are going.
When you think about security, it’s very fluid, right? Because there’s always innovation, there’s always new ways of looking at things. And 2020 we look at it, it wasn’t just the innovation and looking at them, the security threats and the ongoing trends that are from an attack perspective, but it was then the pandemic, right?
And so over the course of the last six months, one of the key areas that we’ve been focusing on is this phenomenon of working from home. So now we’re looking at what’s this mean moving forward? Because as we look at the ripple effects, what we’re seeing is that the new normal, we do expect to go back to something that is a little closer to where we came from pre-pandemic in terms of society and how we, and hopefully we’re all able to get together again in the same room and not be fearful.
But when you look at enterprises and how they conduct their business, what we are seeing is that this work from home phenomenon is here to stay at a much higher level than it was pre-pandemic. And so when you start thinking about that, that then has a number of ripple effects whether you think about networking or security.

Tom G: So what are some of the highlights, I guess, if you will, in terms of how does that change the networking element or just in general network security, this whole working from home trend?

Mauricio: So from a network perspective, you’ve got this situation that you have this old hub and spoke model using VPNs and, uh, whether they be IPsec or SSL and all the traffic got backhauled to the corporate network and then got squirted out to the internet.
So as you think about now that you’ve got two things, the need to contend with you’ve got a huge number of new teleworkers that are now sitting off in their home office or, or coffee shop, or maybe connecting to, uh, back to their, to the corporate network. And second, you’ve got this IT transformation where workloads for the enterprise are not necessarily now in the corporate confines, but now they’re SaaS applications, a Salesforce or Microsoft OneDrive. So now they’re sitting off on, on the internet.
So from a network architecture perspective, that classical model of sending backhauling stuff back to the data center and then squirting it back to the internet has a number of problems–whether it be from a scalability and performance perspective, you know, as soon as people start running into experience issues because everyone’s trying to pile in into that same little gateway towards the internet. People are going to find how to get around it. And so as soon as that happens too, and people start accessing resources off of the internet directly, that’s the wild West in terms of now they’re exposed to the threats, uh, that are, uh, internet present and shadow IT becomes a huge issue.
So really then the network architecture of the past isn’t conducive to be able to address this new scenario. So people are starting to rethink, and even in the vendor community, there are starting to be new technology approaches that are starting to come into view to be able to address these fundamental problems, both with the architecture, as well as these new trends that have exploded over the course of the last 18 months.

Tom G: Yeah, what you’re saying certainly resonates with me. I wonder, you know, if you look at it just from a security standpoint, are there best practices that you think would be relevant to share with this audience in terms of how they should be thinking about network security?

Mauricio: So, if we go back then to these inflection points of an internet-based application infrastructure and this phenomena of the increase working remotely, or working from home, then a number of things come into mind.
First, as enterprises move to a SaaS-based model and rely on third parties, it becomes extremely important to make sure that the network and the IT infrastructure in general plays a role in making sure that the right connections are happening between the right users and the right applications. Uh, because as I, as I said at the beginning where people are the pandemic where they started to suffer experiences, I’m sure some people figure it out how to circumvent corporate security to get directly to the data, you know, that Dropbox or the Zoom or the, the, the OneDrive, directly.
And so the, the issue there is that it becomes very easy when you’ve got this distributed application infrastructure where you lose data. At the end, what really matters? It’s the data, right? So it’s all too easy that all of a sudden, a user–really by accident, not necessarily maliciously, but we’ll talk about the, the, the, the malicious factor in just a second–happens to push a sensitive document to the wrong spot in the internet, right? Because all of these are internet-based applications like OneDrive or SharePoint, what have you. Then all of a sudden you have a leakage scenario come about.
So there’s been a number of technologies over the years that have come into view. And so throwing up a couple of terms here, in terms of data leakage prevention or a cloud access security brokers is two technology segments that have really gotten a strong tailwind here in the last 18 months. So vendors that participate in that are, are doing much better again, because of the security considerations that enterprises are finally realizing that, “Hey, it’s not just about the connectivity. The network goals, it needs to play a role in terms of making sure that the connections to these applications are the right ones and that the data is being pushed around in the same way.”
On the flip side, we also see that the amount of attacks from a data perspective against these SaaS-based applications has increased significantly because I think what the attackers have realized is that rather than trying to penetrate the network perimeter of the corporate enterprise to get into the data. They’re finding that, “Hey, if I can go crack a SaaS application and crack–get into a OneDrive or a SharePoint” that sits off on a third-party hosted repository or application, then they’re getting the same class of data that they would otherwise previously, when that data resided inside the corporate confines.
And there’s a couple of reports out there, like the Verizon Security Report that they publish out periodically that point out to cloud malware being a significant issue that has increased over the course of the last several years and leakages that data leakages that come about because again, it’s all too easy in this highly distributed environment where, um, the, uh, the data is lost inadvertently or maliciously.

Camille: Hey Mauricio, are you seeing the ways that attacks are occurring are different with the SaaS-based models?

Mauricio: Yes. Yes, because again, before what the various industry reports are reflecting, is that the credential attacks, which is still the predominant way that people try to get into a corporate confine is still the number one way to get into, but versus trying to penetrate a server and the network and get into the, into the corporate network. They’re now pivoting towards blasting corporate accounts that sit off on Google Suite or Office 365.
And so now they’re directing their focus on that and they’re starting to come up with some clever ways that once they do crack the password and get access to the data, they’re placing malware on those file shares that looks like legitimate files. And so becoming a way to distribute malware to get deeper into the corporate ecosystem.

Camille: But, but are we seeing like a rise now in phishing style attacks, uh, versus some other kind of target? or how, how are, what should we be watching out for specifically in terms of locating or identifying an attack over SAAS versus a previously.

Mauricio: The phishing is happening, but now it’s shifting from the attackers, wanting to get the credentials to, to be able to get to the corporate network and the corporate servers to now looking at how, how are they getting the credentials to the SAAS applications? Because a lot of that same, uh, sensitive data now sits on those, those third party services versus within the corporate mode.

Camille: So one other question on, on this line of thinking is just, are there any changes then that corporations are implementing or ought to be implementing with respect to privacy policy in moving to a SaaS-based model?

Mauricio: Oh, well, definitely. Um, going back to the theme of working from home is the fact that how do you make sure that privacy regulations are adhered to when you’ve got people dealing with sensitive data in non-corporate settings? Particularly right now during the pandemic where you may have say an insurance agent working from their coffee table. And so how to make sure that the privacy component is preserved across the regulatory framework, the IT landscape, and ultimately make sure from a security perspective that only the right people have access to the right data. Let alone it being lost for the reasons that we just highlighted when attackers start going after those gold mines.

Tom G: So it seems to me Mauricio that what we’ve been talking about while we we’ve labeled this topic today, sort of around network security, but we’re really talking about just best practices, in general–in terms of things like making sure the person at the device that’s trying to connect to data is actually the person they claim to be. Things like how you do authentication and maybe layering in a two-factor authentication to just ensure that credentials aren’t easily stolen.
And, and, you know, correct me if I’m wrong, but it just seems like whether the data happens to be sitting in a corporate data center or it’s sitting in some SaaS data center, wherever around the world, lesser is less important than are you controlling access to that data to the people who just need to have that access and making sure that everyone else that wants the data can’t get access to it?

Mauricio: Yes. And when we look at it from a network security, what’s really caused things to upside down is that the environmental conditions have drastically changed. Right? So from a network architect’s perspective, the world was much simpler before the pandemic before the ascension of large ranks of teleworkers before the internet application, because everything was much more contained and monolithic.
So with a network architect’s role to interconnect this–and also increasingly play a security part because by their nature, network architects are necessarily responsible for the security outcomes of enterprises–they’re really responsible for getting traffic from Point A to Point B in the most efficient and, uh, and reliable manner. But as we have seen over the last 10 or so years, all IT teams are now having to pile in to, uh, participate in the overall security outcome of the enterprise.
And so the pandemic has crystallized a couple of problem statements for the network architects and has fueled the need for enterprises to collaborate across IT silos in, in service of this greater good of making sure that the data isn’t lost either by accident or by malicious nature.

Tom G: Yeah. I remember hearing about a one company and we won’t use their name–but when the pandemic started, they realized that they had a problem because they had all these workers that were working from home and their security solution only ran when people were basically VPNed into the corporate network. So they weren’t able to keep their end points safe if, and unless they were connected to the network.
And obviously that’s just not the way people are working right now–or at least they’re not always connected. So that particular company had to very quickly switch their security solution to a cloud-based model, which could still protect the clients. Even if they weren’t VPNed back into the corporate environment.

Mauricio: That’s right. And the big inflection point that really started prior to the pandemic, but the pandemic has really, like I said, crystallized this whole notion is that the enterprise needs to treat the internet as an extension and a full-class citizen of the, the enterprise network. Right? So the, the internet is becoming the enterprise network for a business. And this is a huge philosophical shift for those people that grew up in the age of being able to touch the box, know what fiber the packets were running on and really own the end-to-end network themselves.
So moving to the cloud model, it’s a it’s for them, let alone the security implications has been a significant shift. But what we do see in talking to some of the resellers and VARs out there is that it’s starting to click. Right? So, so rather than thinking about the cloud-based architecture as an end state where the network is and the internet is becomes part of your corporate backbone as being an exotic, kind of a bleeding edge type of technology. The conversations are starting into that. “Hey, yes, the internet is part of my corporate backbone. My applications are sitting off on the internet. They’re not sitting in an on-premise data center. We’ve got devices are all over the map. Some of them are corporate owned. Some of them are BYOD and we’ve got users all over the world that are coming in either hot-desking or coming in a coffee table.
What do we need to deploy? And what are the philosophical changes to the IT architecture network architecture that they need to embrace” to make sure that as they move into this new era, that the network plays its role, its historical role of connectivity and getting packets from Point A to Point B reliably and performance wise, but also playing that role in from a security perspective and not becoming a conduit or, or losing the ability to play a role from a security perspective.

Camille: Mauricio I have to ask you, what was, you said it was a sluggish transformation before moving to the SaaS model. What was the reluctance before? and have there been some sort of shift in actually that technology or model that makes people more comfortable or are we all just stuck switching to it because there’s no alternative at this point?

Mauricio: Well, I think there was a change is hard. Right. And, and that’s kinda what it boils down to is, is that, uh, what was proven and what people were comfortable with is what they wanted to stay with.
But during the pandemic, I think enterprise leaders, CEOs found that, “Hey, if my business is not more digitized, hasn’t undergone this IT transformation I’m starting to hurt.” Right? If a business was predicated on having their employees, having to come into the office and that enterprise wasn’t really internet and remote worker friendly, then, uh, they found themselves having to catch up and making themselves a little bit more internet friendly.
I think the other historical pressure that, that, uh, has, has kind of layered into this is just the cost dimension. So IT budgets aren’t increasing. And in fact, with the, uh, element of a number of market verticals really being crushed over the last year, IT leaders are looking to see, “well, how is it that, that I can expect to be able to service the business, but do so in a much more cost effective manner?”
And SaaS is the model that has come into view to be able to move from a CapEx intensive, to a more OpEx-driven model, so at least in the near term, you don’t have these huge cash outlays of new data centers of new network infrastructure becomes more of a service that they can manage and have predictability in terms of their budgeting, at least near term, again, not having these, these bursty cash outlays.
So I, I think you were asking whether there’s any alternatives. Now, as we look over the, the eras of decades, right? So everything kind of goes in pendulums, right? I’ve been in the industry over 20 years and I’ve seen how the pendulum is swinging towards cloud. There’s very early indications at the pendulum may swing back for certain workloads rather than being on the public cloud they come back to an on-prem multi-cloud type of scenario.
Enterprise have to embrace this SAAS-based because not all workloads are going to come back as, as proprietary workloads and applications. But there are probably some applications that will be coming back, uh, on-prem, which then relieves a little bit of the pressure of, of having to go full SAAS model. But right now there’s no clearcut alternative that’s going to take us yet in a completely new direction.

Camille: Um, one other question is, do you, uh, do you see the actual physical connectivity to the home or remote office changing or evolving in the next few years?

Mauricio: Definitely. Connectivity has, for better for worse, slowly increased as the cable providers and the internet service providers to homes have tried to catch up to the overwhelming demand that happened over the last year. We’ve seen an increase in fiber deployments as well as DSL standards continue to evolve, to improve the reliability as well as, as a throughput.
So. I wouldn’t say it’s a, it’s a revolution in terms of connectivity, at least from a wired perspective. Now, when we talk about a wireless perspectives, and then it brings into dimension, the 5G phenomenon, right? So that’s, that’s kind of the wild card right now in terms of how is that going to affect connectivity down to the home?
I think the, the early tea leaves are saying that that, yes, it will become an alternative for certain use cases to have that as a backup for critical employees who need access a 100% of the time. But, uh, but, uh, uh, it, it remains to be seen. 5G will definitely play a role from a wireless perspective, but it’s not clear whether it’s gonna revolutionize or become as it likely will become just another alternative to a palette of connectivity options.

Tom G: Before we let you go. We do like to, uh, share some pearls of wisdom that you may have that you think listeners might find interesting and appealing could have something to do with technology could have absolutely nothing to do with technology. It’s totally up to you.

Mauricio: Sure. Well, being a techno geek at heart, I always like to think about, well, “how has technology and what man crafts compare to biological systems?” So I’ve, uh, I’ve, uh, a one-year-old daughter–an older one is as well, is four. But my one year-old daughter is the one that’s going through some massive development. Right? So, you know, in the industry, we like to talk about Artificial Intelligence and Machine Learning, but then you look at what nature has, has been able to craft over or with evolution.
And it’s amazing that when a baby is born, they’re born with a hundred billion neurons, which is what they’re going to have for their entire life, which is equivalent to the stars in the Milky Way. And right now, during the first three years, the connections, the synapses between the different neurons are being built at a furious pace. With the apex being in the first year, they’re building two million connections per second. That’s astounding, what biology has figured out in order for them they’re learning. Right.
And so I see my one-year-old in that journey of building synapses, a one-year-old learns about one to two words per hour. Right. So it’s just picking up languages, she’s soaking it in. I wish we could learn like that in older age, right? Two, two million connections per second.

Tom G: No kidding. That’s amazing. So you said 1 million connections or 2 million connections per second. And that’s the apex. Of the, the rate?

Mauricio: That’s the apex. Yeah. So that hits a, that hits, uh, within the first year of their life. Then it starts coming down and by the time they’re five or six, it’s actually going in reverse where the brain is starting to, to optimize, uh, because it overbuilds. And then it started, self-selecting kind of figuring out which connections actually make sense for, for, um, th the, uh, based on what they, their environment may be.
So, yeah, it’s, we’ve got a long way to go in technology with machine learning and artificial intelligence.

Tom G: No kidding. Well, that’s an interesting one. So, Camille, what, uh, what do you have, do you want to share?

Camille: Well, in order to keep up with that, I’m going to be drinking a lot of caffeine. So in that spirit, um, I was pleased to discover a few years ago that, uh, my namesake plant here, the Camellia is really the genesis of all of our tea. So any kind of tea that you’re having, unless of course it’s herbal tea, but if you’re having green tea or black tea, or oolong tea, uh, it all comes from this one Camellia plant it’s called Camellia sinensis in Latin.
And it’s got, I don’t know if you guys are familiar with Camellia plants, but, um, they bloom in the winter. So right now, kind of walking around Portland, all the Camellias are in bloom and they’re in all different colors from white to red, kind of in that sort of Rose through pink family. But Camellia sinensis, the tea plant is just this pale white, very simple flower. And, uh, we actually just take the buds from the leaves from that. And whether you’re getting green tea or black tea is just only about the amount of oxygen that we allow the leaves to be exposed to.
And I guess one time when I was in China, I’ve got to visit these, uh, it’s almost like wine country there in Southern China, but it’s tea. And so you can see them all drying and getting different levels of oxidation.

Tom G: I had no idea I’m not a tea drinker, but, uh, I find that fascinating. It’s all the same plant, it’s just how much– it’s kind of like peppers, red peppers, yellow peppers, whatever, they’re just a different degree of sort of ripeness determines what color they are is what I’ve, what I’ve been told. I don’t know if it’s true. So my fun fact is, uh, I’m sticking with the biological theme, but in a different realm.
I recently learned that for every human on the planet, there are 1 million ants. (laughs) I think a lot of them live in Houston, Texas, ‘cause I used to live down there. You walk around anywhere and they are all fire ants and they get you good. Um, but uh, yeah, a little fun fact. There was a lot of friggin’ ants on this planet.
Again, Mauricio thank you so much for taking the time today to talk to us. And I think it was a great, great topic and hopefully people learned a lot from it.

Mauricio: Thanks for having me.
