It’s a common mistake in enterprises to copy-paste security solutions from a peer. Strategies can be recycled, but sadly with even very similar businesses almost always have radically different IT and security requirements. I recall one hospital that looked at a nearly identical peer hospital that was only a few miles away. Much of the technology was similar, even down to the IT products (SAP, O365). Digging in they realized the differences in custom apps, how they patched, how contractors serviced them, and the capabilities of their security staff meant they’d need their own security architecture. If even similar organizations in the same horizontal have particular security needs, it only emphasizes that small and medium businesses (SMB), enterprises, and carriers usually have unique needs. Some of these differences are easy to find: some enterprises can dictate that an endpoint protection platform (EPP) be deployed on connecting devices, whereas a carrier can’t dictate that to customers, or an SMB with 200 endpoints has different management console requirements than a carrier monitoring 50,000 through intermediaries such as partners and affiliates. Carriers also have a much higher sensitivity to false positives while having to accommodate incredible degrees of heterogeneity: stepping on a customer’s legitimate interaction is rated much differently for a carrier than in most enterprises or SMBs.
Carrier security is changing in response to very different forces. 5G promises to be a technology as significant to carriers as cloud as has been to enterprises. Like enterprises, IoT presents to carriers and telcos vulnerabilities and issues of scale but the scale issues of carriers are often a magnitude greater and the impact of a vulnerability allowing a backdoor from the internal carrier network is not just a risk of security but one of brand reputation and potentially safety.
Network function virtualization (NFV) has been a big deal in cloud and data center security, and is also so for carriers but in a different way. With the first iterations of virtualization and cloud, enterprises weren’t able to address the virtual network directly and implement their own security as add-on services and were usually left with the choice of only using what the CSP or hypervisor vendor provided, or constructing inefficient hair-pinned flows to workloads simulating a netsec delivery. CSPs and hypervisor vendors reacted to allow enterprise customers and 3rd parties access to virtual network functions and switches in order to provide network access and virtualized security. Carriers also went through a parallel path. Carriers had access to NFV but the scale meant that the enterprise NFV security solutions weren’t useable, and most weren’t even close to securing the types of equipment that carriers deployed, nor in the way they were secured. Like cloud and hypervisor NFV security options opening up, carrier grade NFV security evolves as well, and is in fact being jumpstarted by 5G and IoT. And how NFV security is provided to customers is unique in carriers, with types of security being value-added services that require mechanisms for provisioning, updating and monitoring, often by partners.
The bottom line is that carrier security increasingly becoming specialized to the carrier market, and carrier grade security means using carrier grade security solutions rather than repurposed security from other verticals and hortizontals.
You can read more about this week’s announcement for carrier grade security and Trend Micro here.