Like many large enterprises, Boeing is growing more sensitive to data leakage, but the company is still trying to figure out how to retool its network to secure its perimeter from outside attacks and put controls in place to protect its data from internal threats.
In a presentation at the Burton Catalyst Conference held last month in San Francisco, Carl Bunje, Boeing's chief technology officer, said the company is taking a defense-in-depth strategy, but when it comes to defending the network, it's still evaluating its options. Bunje and his team want tighter integration of systems and provide non-Boeing users with both onsite and logical access to Boeing-hosted systems.
The requirements are driving the company toward a more open network using a service oriented architecture approach and Federated ID management. But putting in the right technologies to make an open network secure is a complex problem, Bunje said.
"We want inside users to be no more trusted than outside users," he said. "There's a lot of domains that have to come together to provide a coordinated, comprehensive set of access points."
While Boeing is retooling its architecture Bunje wants to keep the same security principals in place. The organization strives to provide only the least number of privileges necessary for an employee to perform their job. The company has deployed a defense-in-depth approach with layered access control, network level intrusion detection and prevention and continual auditing of systems to detect abnormal changes.
Boeing is considering network access control, but the technologies available are either too complicated to deploy, not mature enough, or don't fit into the company's overall business model.
"We're still struggling with what that type-two policy enforcement is going to be," Bunje said. "We haven't found any technology that does all types of things we want in any way, shape or form."
Across the board, companies are still struggling to develop an open network architecture. The goal is to keep systems locked down while also evaluating and assigning appropriate access privileges to those attempting to log onto the network.
"It's all about risk calculus, understanding what those business risks are and how much we're willing to give up in terms of moving to an open network model," said Phil Schacter, a research vice president at Midvale, Utah-based Burton Group. "[Companies] want the business flexibility"
Schacter said current technologies at the network perimeter will remain the same, instead many firms will be reshuffling responsibilities between multiple perimeters. At first, companies are trying to get the maximum mileage out of their existing routers and network packet filters, Schacter said.
"There will be multiple security models and in some organizations, especially very diversified global organizations one model will be appropriate for one area and in another business unit a very different model will be appropriate," he said. "We'll see these hybrids and permeations exist in the marketplace."
At Boeing, Bunje is developing zoned access controls to enable access to its thousands of servers. Each zone has its own access control policy, interpreted by a policy administration point and processed by a separate policy decision point.
Access zone development is difficult because each zone encompasses multiple data centers and data center partitions and must differentiate at the virtual server level.
Bunje said the company is beginning by increasing the awareness and responsibility of systems owners for defining and accepting the appropriate level of risk for their systems. Next, Boeing will prepare systems for policy driven authorization and multiple levels of access control.
"This isn't easy and that we're still in the early stages," Bunje said. "These are places where standards are going to have to be filled in."