Intelligent CISO Issue 08 | Page 74

collaboration and productivity across the workforce than ever before. Employees, partners and suppliers can now access information and systems remotely via mobile and online applications, meaning they’re able to work and collaborate from any location, on any device, at any time.

However, to provide the required capacity and flexibility so these new technologies can be used effectively, most organisations now use virtual environments, placing applications in the public cloud for easier access. This means that many applications now exist outside the walls of the organisation, so traditional ‘physical’ perimeter security solutions that have protected critical applications in the past are no longer effective. Virtual environments place applications way beyond the well-defined physical boundaries and firewalls, exposing security weaknesses that cybercriminals are only too happy to exploit.

To counter this vulnerability, businesses can now implement security directly into the network layer. The adoption of Software Defined Networks (SDN) has made this possible, enabling organisations to embed security into the very foundations of the network, ensuring that it is never just an ‘add-on’ or overlooked. The most effective approach to this is to create a Software Defined Perimeter (SDP) within the network layer, using a ‘non-discoverability’ approach to enable secure access to devices and applications across a public cloud. This means that an organisation can automatically hide application resources and devices from would-be attackers, as they are only ‘discoverable’ by authorised users. It also enables security teams to see any attempted cyberattacks in real time and provides them with the opportunity to secure critical resources and stop attackers in their tracks.
The result is that the network and applications become akin to an exclusive private club where everyone wants to go. This software defined perimeter serves as the bouncer, controlling who can get in and what they can do once they’re inside. It checks user IDs and devices at the network ‘door’, then ‘escorts’ them inside for another level of approval/verification before they can join the ‘party’ to use apps and resources. This keeps assets within the network safe and locks undesirables out.

MARTIN THORPE, ENTERPRISE SECURITY ARCHITECT AT VENAFI

Mobile apps allow brands to connect with customers on an increasingly personal level, helping to increase brand stickiness and increase sale conversion. Yet they also open new attack vectors for hackers