10 Ways NSA Surveillance Revelations Could Impact The Channel4:00 PM EST Wed. Sep. 11, 2013
Channel chiefs from some top technology firms had little to say when asked by CRN editors about how revelations over NSA surveillance activities could positively or negatively impact the channel. Meanwhile, leaks by former NSA contractor Edward Snowden continued to make top headlines during a roundtable discussion with the channel chiefs at the XChange 2013 Conference in Washington, D.C. Edison Peres, senior vice president of worldwide sales at Cisco, summoned up a succinct answer: "We're still trying to understand what's happening there," Peres told CRN. "I'm not sure the whole thing is really clear yet." But as leaks continue to expose NSA activities, from reportedly obtaining ways to decrypt sensitive data to implementing back doors in widely used software, solution providers told CRN they believe the impact from the revelations could have significant repercussions on sales. Here are 10 areas where the consequences could be potentially considerable.
It comes as no surprise that U.S. citizens have a strong distrust of the government, but some solution providers tell CRN they fear that business executives could turn their cynicism and suspicion toward technology providers. NSA documents have revealed some technology firms working with the NSA to provide details about users of their services. Documents Snowden acquired show Microsoft working closely with U.S. intelligence officials. The documents also revealed major technology firms getting paid millions of dollars to recover costs for complying with the NSA Prism program. The Electronic Frontier Foundation, a nonprofit watchdog, is monitoring the practices of major Internet providers and services. With trust being among the core values instilled by solution providers with their clients, some have indicated that maintaining the role as a trusted adviser could get increasingly difficult.
Solution providers may see increased interest from clients about encryption technologies and guidance about its proper implementation. The NSA reportedly spent about $250 million to "covertly influence" product designs of private security technology vendors. The influence included inserting secret back doors or hidden vulnerabilities, enabling access points to commercial security software. And, in some cases, the back door apparently gave the intelligence agency access to encrypted data. While most security experts say the most widely used encryption protocol remains intact, implementation problems and configuration errors continue to open weaknesses. Companies that are serious about safeguarding intellectual property and other corporate secrets not only encrypt them, but they also do their own key management, a security expert recently told CRN.
The NSA revelations could renew interest in finding ways to gain better control over data management activities, solution providers say. It could spark interest in data loss prevention (DLP) technologies and deployments. Up until now, many firms are using DLP in a way that industry analysts say is not fully implemented. The focus is almost exclusively on compliance, experts say. For example, email is monitored to ensure Social Security Numbers and other sensitive customer data isn't sent out in plain text. Security experts have long advocated master data management activities, which start with a complete data assessment to identify and classify sensitive data, gain control over its storage, and eliminate duplicate and erroneous information. Some businesses may turn to consultants and solution providers for guidance.
Earlier this year, several vendor reports on the state of software security provided signs that software security processes at major software vendors are maturing. The NSA revelations about NSA surveillance activities could put pressure on independent software vendors to create less buggy software and better implement data protections. In addition to U.S. authorities, considerable attention has been placed on Chinese cyberespionage and other nation-state targeted attacks. The hacking tactics use custom malware and zero-day exploits that target previously unknown software vulnerabilities. Activities include improving software development processes, using an outside firm to conduct vulnerability testing and repairing vulnerabilities before software is widely implemented.
Clustered data and other cloud data storage technologies have been a hot commodity, according to industry observers, but documents outlining the NSA Prism program have revealed an effort by the agency to sniff network traffic at major intersections of the Internet on a global scale. The leak could fuel an interest in building, protecting and maintaining internal storage systems, potentially stifling the demand for public cloud storage. Solution providers say they could be pulled into more conversations about technologies that support private clouds and private Dropbox-style file sharing and storage technologies, assuming they can be properly protected.
A panel of experts at the 2013 RSA Conference said poorly configured and maintained security appliances lead to networks that can be easily penetrated by cybercriminals, including nation-states conducting espionage activity. Often a newly installed appliance gives corporate executives a false sense of security, they said. Solution providers may be increasingly relied on to provide an assessment of network security infrastructure, conduct remote maintenance of firewalls, IPS appliances and other security devices on the network. The NSA surveillance revelations also could fuel interest in locking down wireless networks and better VPN technology to encrypt network traffic to remote employees.
This week, a Cambridge, Mass.-based security startup BitSight Technologies unveiled a new service that aims to score the security effectiveness of thousands of businesses. The goal is to help companies scrutinize the risks posed by the security posture of their business partners. Norse and Lookingglass Cyber Solutions also have demonstrated technologies that analyze live web traffic to detect botnets and other cybercriminal activity emanating to and from corporate networks. They say the data could be used to reduce the risks posed by business partners and customers. Some experts say the erosion of trust in technology firms associated with the NSA surveillance activity could prompt a desire for better visibility into the security culture and expertise of solution providers.
U.S. intelligence agencies say they are still investigating the extent of the data taken by Snowden. Estimates run from hundreds to potentially tens of thousands of documents bilked from NSA files. Snowden, a system administrator working for McLean, Va.-based Booz Allen Hamilton, gained access to NSA systems from his location in Hawaii. Snowden reportedly downloaded the documents onto USB keys. An NBC news report revealed that Snowden was one of about 1,000 system administrators who were given broad access to NSA systems and his "actions were largely unaudited." The NSA revelations could renew interest in database activity monitoring, technologies that monitor employee behavior, and control end-user activity, according to solution providers. Web content filtering, whitelisting and other measures also could be taken to strengthen security measures.
Solution providers told CRN in July following EMC's acquisition of Aveksa that the market for identity management and access control platforms is in flux. The news of Snowden's apparent widespread access to systems, combined with ongoing password theft and other high-profile data breaches has prompted a look at tighter access control measures, including multifactor authentication, provisioning and reporting. Solution providers say the latest behavioral analytics can identify if someone is attempting to log into systems from an unusual location or at an unusual time, and challenge them with additional measures before validating and authorizing access to corporate resources.
While some consequences to the NSA surveillance revelations prompt revenue opportunities for solution providers, perhaps the most damaging impact to sales is the potential for businesses to withdraw from cloud-based initiatives. Remote services, adopted to cut costs, could be brought back into the data center. One cloud expert told CRN that a less threatening action would be to move systems off of shared resources into co-located facilities, where additional security measures can be applied to better protect systems. Solution providers of services that use SaaS-based applications should watch closely, but as Edison Peres, senior vice president of worldwide sales at Cisco, put it to CRN in August, any evidence of a positive or negative impact to the channel can only be measured over time.