The U.S. carrier believes that an aggressive approach to enterprise security will help protect businesses against digital threats and risks including DDoS attacks, botnets and employees connecting to corporate networks with insecure and jailbroken mobile devices.
AT&T has announced an expanded set of managed security solutions (MSS) for the enterprise, designed to give system administrators more tools at their disposal to scrutinize and manage their networks, as well as provide malware protection.
The U.S. carrier will discuss the expansion of its offerings today at the 15th Annual AT&T Cyber Security Conference in New York City, where Andy Daudelin, Vice President of Security Services at AT&T Business Solutions, will outline the company's new growth plans.
Speaking to ZDNet, Assistant Vice President of Mobile, Cloud, Access Management Security Michael Singer described the company's new approach, which includes four main "pillars" to keep enterprise networks secure.
The areas AT&T will focus on are network-based defense, cloud security, secure mobile business, and threat management.
The new security measures begin with the device itself. AT&T's solution scans an employee's smartphone to detect and deal with malicious applications which may be in operation. The software can also detect whether an employee's phone has been jailbroken, which Singer says represents a risk if connected to corporate networks.
AT&T says it currently manages 24,000 devices and one million seats for cloud-based security services. When considering today's plethora of different mobile devices and models which are used in business and through bring-your-own-device (BYOD) schemes, Singer admitted that catering for varied mobile operating systems is "complicated."
"The problem is industry-wide," Singer said. "But we want to take advantage of everything we can."
Once a mobile device has been scanned, the next layer of defense is a private, encrypted virtual private network (VPN) tunnel which creates a secure communication channel between device and network. Even if a device has been breached, Singer says, it would be difficult for cybercriminals to access and make use of communication-based data.
Additional tools scan and monitor networks to let system administrators know if their cloud services or corporate network are under threat.
An administrator can keep tabs on what devices are connected to the corporate network through a back-end dashboard. The idea is to give network administrators the tools to enforce their company's security policies by detecting and flagging up any problems with device connection, whether it be unauthorized access or a BYOD employee's jailbroken iPhone.
Over the past few years, the U.S. carrier has seen an increase in the use of distributed denial of service (DDoS) attacks. According to Singer, the use of botnets has risen thanks to the resources now available at cybercriminals' fingertips -- namely an expanded marketplace and the introduction of a resource rental model which gives attackers more capacity for large-scale, targeted campaigns.
To cope with the problem, AT&T has doubled its network capacity to manage the growing volume of DDoS attacks and recently added a DDoS protection option for customers deploying critical Web applications, including Content Delivery Networks (CDN). These enhancements help disperse and absorb malicious traffic before it reaches customer networks.
"Security is at the very core of what we do as a company," said Daudelin. "From the security controls built right into the backbone of our network to our proprietary threat intelligence, we work to make security an enabler, not a limitation of business transformation. That's one reason why we have a 98 percent retention rate among our security clients."
The new business solutions are slated for release this year.
The next step for AT&T, Singer says, is to create a new type of hybrid network which can better cope with DDoS attacks. Currently, networks rely on scrubber models which redirect malicious traffic in order to send it through security filters and keep tunnels as clean as possible, but the U.S. carrier is researching ways to merge this with a content distribution model that has enough capacity to cope with attacks without service interruptions.