collaboration and productivity across the
workforce than ever before. Employees,
partners and suppliers can now access
information and systems remotely via
mobile and online applications, meaning
they’re able to work and collaborate from
any location, on any device, at any time.
However, to provide the required
capacity and flexibility so these new
technologies can be used effectively,
most organisations now use virtual
environments, placing applications in the
public cloud for easier access.
This means that many applications
now exist outside the walls of the
organisation, so traditional ‘physical’
perimeter security solutions that have
protected critical applications in the
past are no longer effective. Virtual
environments place applications way
beyond the well-defined physical
boundaries and firewalls, exposing
security weaknesses that cybercriminals
are only too happy to exploit.
To counter this vulnerability, businesses
can now implement security directly
into the network layer. The adoption
of Software Defined Networks (SDN)
has made this possible, enabling
organisations to embed security into
the very foundations of the network,
ensuring that it is never just an ‘add-on’
or overlooked.
The most effective approach to this
is to create a Software Defined
Perimeter (SDP) within the network
layer, using a ‘non-discoverability’
approach to enable secure access
to devices and applications across
a public cloud. This means that an
organisation can automatically hide
application resources and devices from
would-be attackers, as they are only
‘discoverable’ by authorised users. It
also enables security teams to see any
attempted cyberattacks in real time
and provides them with the opportunity
to secure critical resources and stop
attackers in their tracks.
The result is that the network and
applications become akin to an exclusive
private club where everyone wants to go.
This software defined perimeter serves
as the bouncer, controlling who can get
in and what they can do once they’re
inside. It checks user IDs and devices at
the network ‘door’, then ‘escorts’ them
inside for another level of approval/verification
before they can join the
‘party’ to use apps and resources. This
keeps assets within the network safe
and locks undesirables out.
MARTIN THORPE, ENTERPRISE SECURITY ARCHITECT AT VENAFI
Mobile apps allow brands to connect with
customers on an increasingly personal
level, helping to increase brand stickiness
and increase sale conversion. Yet they
also open new attack vectors for hackers
Issue 08 | www.intelligentciso.com