Modernizing the enterprise’s cybersecurity in distributed networks
As organizations increasingly embrace remote working and remotely-monitored industrial operations, newfound gaps in the network’s cyber security preparedness become apparent. In fact, more use of cloud-hosted remote apps, services and resources – for all the useful and convenient accessibility they bring – can also further expose company systems and assets to a wider cyber threat landscape.
The cyber protection programs of many organizations were configured for on-premise protection, but many of the newer tools and services in production are cloud-based. Hence many on-premise cybersecurity solutions that were cutting-edge and capable of company-wide protection when they were first installed are now outmoded in the face of an ever-evolving threat surface that can’t be secured just by shielding endpoints.
Today cyber challenges threaten an organization on many fronts, and the advent and rapid adoption of cloud solutions (often from different service providers that offer the best toolset for specific needs) has created multiple threat zones that are difficult to compartmentalize, which in turn makes cases of malicious activity difficult to identify.
The variety of threats is extremely diverse. Security lapses might include data breaches, broken authentication and account hijacking. Other activities may not seem particularly threatening, but are signs that the enterprise is being “scoped” in ways that don’t necessarily raise red flags when regarded in isolation.
At stake is the organization’s data, and (typically) from that data, monetary gain. But reputational damage alone can cripple some companies, especially in sensitive verticals. Once compromised, it might be possible to recover original data or be assured that the data loss was not game-changing. But if malicious actors were to capture data with ransomware, or release traceable data silos, that could cause permanent loss of reputational capital and, as a consequence, the loss of significant market share in the longer term.
Multifaceted exposure to nuanced cyber attacks is bad enough, but this pervasive issue is set to be compounded by the drive of many organizations to deploy critical systems closer to the user — multiple edge instances that lower access times and raise customer experience metrics. High-speed mobile connectivity is making this model increasingly possible, but IT teams are faced with the challenging conundrum of balancing the protection of confidential and private data while still delivering a productive environment; one that is remote, highly collaborative, and increasingly mobile-centric.
Traditionally, secure web gateways were installed in the data center to proxy traffic. Embracing more remote users, bring-your-own-device (BYOD) policies and edge applications, however, means solutions like routing all remote user traffic back to the data center. While more secure, this negates many of edge’s advantages and adds unnecessary overheads. Inspection of encrypted traffic by technologies like CASBs at gateway points potentially causes delays, network latency issues, and traffic bottlenecks.
With emerging technologies like 5G’s high-speed, low-latency connectivity and Internet of Things (IoT) smart devices expected to become a big part of enterprise ecosystems this year, these edge cyber vulnerabilities will likewise be highly attractive targets for bad actors.
Modern cyber weaknesses created from the latest business-led demands for cloud and edge require modern solutions, and organizations can keep ahead of this expanded multipronged threat surface by adopting modern, cloud-access or edge-specific security solutions that stretch cyber protection.
While traditional WAFs were perfect for a single cloud instance of an application or service, they were never designed for elastic deployments of many dozens of cloud services. And in some cases, the providers’ advice is to effectively shut down CASBs in order to compensate for potentially slow response times. For enterprises, therefore, the ideal blanket of security reaches between an organization’s on-premise infrastructure, cloud providers’ infrastructure and edge instances. At Tech Wire Asia, we look at four solutions providers capable of providing the breadth of security required.
Netskope offers cloud-native solutions for business data protection and defense against threats arising in cloud applications and cloud infrastructure. The company has been repeatedly recognized for its cloud access security broker (CASB) software tool that sits between an organization’s on-premises infrastructure and cloud providers’ infrastructure, offering security protection and enforcement end-to-end.
Netskope’s SaaS solution steers cloud and web traffic to a central cloud-native service for the purposes of traffic inspection and to ensure that network traffic between on-premises or remote devices and cloud providers complies with the organization’s security policies.
The Netskope Security Cloud offers a wider threat protection landscape including firewalls, user credential authentication, web application firewalls that discourage application-level malware, and data loss prevention software to prevent external data leakage. Netskope offers a unique data-centric approach to security, able to track data not only across common business applications but also across unmanaged cloud apps, and to and from personal devices as well.
Vast amounts of network traffic are overlooked or ignored entirely by many secure web platforms’ security “features”. In that context, Netskope’s solution applies context-sensitive oversight of cloud app and service usage to provide a more relevant, data-driven picture of enterprise network traffic.
The outcome? The enterprise can apply the right, effective security controls at all the right points across the massively distributed and elastic network.
To read more about Netskope, check out this interview with Netskope’s Chief Security Officer, David Fairman, for the inside track on this developing threat and amelioration landscape, here on the pages of Tech Wire Asia.
Dell EMC sells data storage, information security, data virtualization, analytics, cloud computing and a host of other enterprise-grade services that enable organizations to store, manage, secure, and analyze data.
Its hybrid cloud solution, known as Dell Technologies Cloud, is a highly flexible hybrid cloud management and operational platform that can offer organizations access to rapid application development, significant cost savings and use of next-generation, cloud-native technologies like real-time cloud analytics and highly virtualized serverless computing.
Dell Technologies Cloud harnesses the computing power of the Dell EMC infrastructure to make hybrid cloud environments much more manageable, employing a robust hyperconverged infrastructure (HCI) platform, cloud management and orchestration tools along with full stack integration to vastly simplify deployment and lifecycle management of hybrid cloud deployments.
Dell Technologies Cloud consists of a comprehensive suite of hybrid cloud solutions: VMware Cloud Foundation on VxRail, a fully integrated turnkey solution that automates infrastructure to present a straightforward path to a hybrid cloud model; Dell Technologies Cloud Validated Designs, which use top-of-the-line Dell EMC infrastructure to let organizations meet their custom workloads by building their own hybrid cloud infrastructure from pre-tested designs; and VMware Cloud on Dell EMC, a fully managed Data Center-as-a-Service solution that offers the simplicity and agility of the public cloud with infrastructure installed in data center or edge locations.
F5 is an application services and application delivery networking specialist, whose current suite of solutions includes digital acceleration, application security, and Distributed Denial of Service (DDoS) defense components.
F5 began extending from application delivery into multi-cloud solutions four years ago, when a customer survey found that 80 percent of respondents reported they were already committed to multi-cloud architectures, while another 20 percent stated that they would have over half their applications running in public and/or private clouds within that year. The company then introduced technologies to make its application distribution capabilities more portable across a broader range of IT environments, including an automated traffic management proxy (in the form of the NGINX gateway management stack) that provides F5 services and service portability within modular, containerized environments.
Additionally, the company’s Container Connector solution combines F5’s application services platforms (including Application Services Proxy and its flagship BIG-IP product family comprising hardware, modularized software, and virtual appliances) with native container environment management and orchestration systems such as Kubernetes, Red Hat OpenShift, Pivotal Cloud Foundry, and Mesos.
Alongside automation and orchestration toolkits, F5 also offers app security, traffic management, and cloud security components that improve security performance at the edge and in the cloud, including tools to help simplify migrating existing architectures to the cloud and to secure applications that are used across critical industries like banking and finance, and by distributed network service providers.
Unlike other hybrid environment solution providers on this list, UK-based Mimecast specializes in cloud-based email management and security for the Microsoft Exchange and Microsoft Office 365 software platforms, involving security, archiving, and continuity services to protect business mail.
With the significant number of cyber intrusions that occur through an email server, Mimecast secures electronic correspondence for nearly 40,000 businesses around the world, while its cloud native, fully integrated, and API-enabled Mimecast Platform not only protects from malware, credential harvesting, and impersonation attacks in work emails, but now also secures internal communication tools and educates employees on cyber security best practices.
In addition, the Mimecast solutions framework has become adept at protecting the customer’s digital footprint online, preventing brand-related manipulation by bad actors and enabling sophisticated fraud identification. Its Brand Impersonation solution is further capable of proactive data theft countermeasures, reducing the risk of business data exposure.
While email is still the top attack vector, Mimecast is aware that, just as on other fronts, cyber security can no longer be confined to the email perimeter. Mimecast integrates seamlessly within many organizations’ larger security frameworks, and is capable of 50+ integrations using standard REST APIs.
*Some of the companies featured in this article are commercial partners of Tech Wire Asia