Kate Adam, Sr. Director, Security, Juniper Networks

Networking for Change - Network Security: IT Takes a Village

Networking for Change SecurityData Center
Kate Adam Headshot

Don’t miss this delightful discussion about really cool security stuff.

This is your chance to hear what’s happening behind the scenes in data center security from some of Juniper’s top security experts, Babbette Jackson and Kedar Dhuru. 

Show more

You’ll learn

  • The complexities involved in data center security today 

  • Whether zero trust is a useful strategy for protecting data 

  • How you can apply zero trust and defense-in-depth strategies on the application front

Who is this for?

Security Professionals Network Professionals

Host

Kate Adam Headshot
Kate Adam
Sr. Director, Security, Juniper Networks

Guest speakers

Babbette Jackson
Information Security Analyst, Juniper Networks
Kedar Dhuru Headshot
Kedar Dhuru
Sr. Director, Product Management, Juniper Networks 

Transcript

0:01 [Music]

0:08 hey guys today we're talking about cool

0:10 security stuff and how impactful

0:12 security is on our modern ways of life

0:15 security touches almost everything and

0:16 everyone from protecting your mom's

0:19 identity to journalist sources to

0:21 protecting nuclear reactors and it

0:23 really takes a village i'm kate adam i'm

0:25 senior director of security at juniper

0:27 networks and i've asked some of my

0:29 colleagues here

0:30 to join me and share in a discussion on

0:33 what's happening behind the scenes in

0:34 security why don't you guys introduce

0:36 yourselves babette why don't you go

0:38 hello my name is babette jackson i've

0:41 been with juniper for about three years

0:43 i'm an information security analyst and

0:45 my main role is data loss prevention and

0:48 insider threat and to put that simply i

0:51 protect the company's most valuable

0:53 assets from

0:54 leaving the company

0:56 very very important

0:58 uh especially when you consider all the

1:00 intellectual

1:01 intellectual property and innovation

1:03 that goes on in juniper um

1:06 kadar

1:07 hi my name is kedar duru i'm

1:09 the director of product management for

1:11 juniper's

1:12 security infrastructure and platforms

1:15 it's all of the products that we build

1:16 that babette and her team use to

1:19 prevent the most important assets that

1:21 juniper has from leaving our

1:23 organization

1:24 i want to dive right in to the fun

1:26 questions um and talk about something

1:29 that

1:30 is very complex the data center and i

1:33 know

1:34 that calling it the data center is uh

1:37 something that's probably going to irk a

1:38 lot of you guys out there because

1:40 it's not a data center right it's many

1:43 different centers of data

1:45 data resides everywhere and especially

1:48 now that we see more and more

1:50 organizations using not just a public

1:53 cloud but multiple public clouds

1:56 can you guys give your perspectives on

1:59 data center security and

2:01 all the complexities that it may or may

2:04 not involve data center security quite

2:08 simply is about securing data it's uh i

2:12 mean the whole reason you have a data

2:14 center is you have a place where you

2:16 keep data

2:17 originally it used to be

2:19 one building

2:20 that you were able to protect

2:22 now

2:23 exactly not anymore now it's it's it's

2:26 um it's that one building you've

2:28 probably got five others

2:30 uh you you spread that out the reason

2:32 you did that was to build a level of

2:34 resiliency what if one of those centers

2:36 of data went down you at least could run

2:39 your business on the next one or the

2:41 third one and so on from there

2:43 you now have

2:45 public clouds which are nothing but you

2:48 know some other location where you're

2:49 running your applications and your data

2:51 or storing your data so i i look at data

2:54 center security as uh being able to

2:56 ensure that your users can get access to

2:59 the data that they need and at the same

3:02 time you want to be able to protect

3:04 that information from leaving your

3:06 organization of

3:08 as well as

3:09 you want to be able to protect everybody

3:10 that's trying to get access to it so you

3:12 want to know who's getting access to it

3:14 you want to know what they're doing with

3:15 it and you want to know when it leaves

3:16 the organization and for what purpose so

3:19 that's

3:20 in general what data centers are about

3:21 and and data center security is about

3:24 go ahead babette yeah to piggyback off

3:27 of that i believe it's the same thing uh

3:29 for my role and for my job it was part

3:33 of my assignment to understand where all

3:35 our data was where it's coming in and

3:37 where it's going out and understanding

3:39 that data is literally everywhere so in

3:42 order to secure data you have to know

3:44 where the data is but because there's so

3:46 many different applications and because

3:48 there's so many places that that that

3:51 the data is being stored the public

3:53 cloud was just someone else's computer

3:57 it was hard to keep track of where

3:59 everything was going

4:00 so to be able to know where it's coming

4:02 from to be able to know who has access

4:04 to it where it's leaving to where it's

4:07 going to

4:08 just takes a lot of management from all

4:11 sides from your own company from the

4:13 third party companies so just

4:14 understanding is

4:16 the bulk of security of where your data

4:19 is and who has access to it i've heard a

4:21 lot about

4:22 zero trust and defense in depth

4:25 is that are those

4:27 strategies used useful in the data

4:30 center to protect the data

4:32 and how how do you even go about getting

4:34 visibility into

4:36 all of these different locations where

4:38 this data may or may not reside

4:40 um well before something my manager told

4:44 me was the term we were using or phrase

4:46 was

4:47 trust but verify but with zero trust

4:49 it's become completely different

4:51 especially since we've been working from

4:52 home due to covet and all these major

4:55 changes so now people are moving to zero

4:58 trust which is never trust and verify

5:01 so with this it's a completely different

5:04 atmosphere

5:06 because i believe in the idea of

5:08 training and awareness but given the

5:10 fact that we have so many people

5:12 connecting from different places and we

5:15 haven't really inserted cyber security

5:18 in the forefronts of people's minds it

5:21 makes sense to go to

5:23 never trust and verify because at the

5:25 end of the day we just want to protect

5:27 the company's most valuable assets from

5:29 people trying to send it out insider

5:32 threat and the people trying to access

5:34 it so i believe zero trust is something

5:37 that we are pushing forward to and i

5:39 believe that we should continue to do

5:42 yeah so with applications um

5:45 and applications residing in potentially

5:47 multiple clouds at once you know

5:50 microservices

5:52 using containers

5:54 and using different workloads shifting

5:56 workloads from cloud to cloud as

5:59 you know costs get cheaper or

6:02 security controls or automation gets

6:05 better how do we apply zero trust or

6:08 and or defense in depth um on the

6:11 application front so defense in depth on

6:13 the application side you're right it's

6:15 it's it's like the um

6:18 the castle analogy uh a castle analogy

6:20 you uh in terms of defense and depth uh

6:22 you you

6:24 um in order to protect the crown jewels

6:26 that are located in a castle you want

6:28 you want to have that moat and then from

6:29 there you want to have the guards that

6:31 are

6:32 on the towers and then you want to be

6:34 able to have finally a door around the

6:37 crown jewels before anyone can get to it

6:39 that's your application that's your data

6:41 so um you take the same approach to

6:43 application security you want to

6:45 understand that your containers and and

6:48 the image of a container is not

6:50 compromised you want to ensure that

6:52 there are no vulnerabilities in that in

6:54 those packages that you're using then

6:56 you want to be able to understand that

6:58 the person that's writing the

6:59 application that that makes use of those

7:01 containers

7:03 hasn't written any any kind of

7:04 vulnerable gold so you you want to be

7:06 able to test it and then finally because

7:08 you cannot protect everything

7:10 you want to take you want to minimize

7:12 the risk even further but you let the

7:13 machine kind of try to understand what's

7:16 happening in the application know what's

7:17 a good

7:19 good application

7:22 sequence and then when something bad

7:24 happens it it actually at least flags it

7:27 and and alerts you or better yet it's

7:30 good enough to actually block something

7:31 bad from happening thank you guys so

7:33 much for joining me today this has been

7:35 a really delightful conversation

7:37 i love talking about cool security stuff

7:39 so thank you both baba and kadar and

7:42 thank all of you thank you thank you

7:45 [Music]

Show more