sb-as logo
Story image

Now you see me, now you don’t: Security beyond the physical network

16 May 2018

For a long time, an organisation’s network security was defined by the physical perimeters of its office building. Within that perimeter sat its IT infrastructure, including its data centre and computer network. The business’s only network security goal was to protect those internal services from external threats.

Fast forward to 2018 and the days of the wired office are quickly fading. With so many executives able to work remotely, everything from devices and software to services are moving beyond physical premises.

This big shift in the way people work means organisations can no longer rely on the same legacy security models they have been using to date.

With dissolving physical perimeters, companies are more exposed to sophisticated attacks than ever before – with untrusted third-party vendors connecting to their internal networks, and critical applications such as email, unified communications, customer relationship management (CRM), contact centre and enterprise resource planning (ERP) moving to the cloud.

Verizon’s 2018 Data Breach Investigations Research (DBIR) showed 73 percent of the 2,216 breaches investigated were perpetrated by outsiders. Cybercriminals are also branching out from traditional user device attacks to target mobile users – for example, advanced persistent threat group Dark Caracal stole hundreds of gigabytes of sensitive data from mobile devices across 21 countries earlier this year.

As networks extend beyond the physical perimeter, so too should the approach to security. Organisations must shift their mindset and approach to match the evolving risk landscape.

Take for example the Software-Defined Perimeter (SDP). This technology leverages a "non-discoverability" approach to enable secure access to devices and applications – meaning an organisation can automatically hide application resources and devices from would-be attackers. SDP enables visibility of an attack in real time and provides the opportunity to secure critical resources to stop the attack in its tracks.

In non-tech terminology, the network and applications are like an exclusive private club. This network perimeter security solution serves as the bouncer, controlling who can get in and what they can do once they’re inside. It checks user IDs and devices at the network ‘door’, then escorts users inside for another level of approval and verification before they can join the party (i.e. use apps and resources).

An SDP acts as a secure broker between users and internal applications. This involves changing the rules to isolate mission-critical applications from the open internet, where the majority of external attacks originate. By removing this visibility, the SDP in turn removes the threat factor from potential attacks without having to secure every single node on the network.

Organisations can use SDPs to create specific policies for users, user groups, applications or application groups – with applications not visible to any users who aren’t authorised to access them. By segmenting applications in this way, enterprises can more easily protect critical information.

It can also provide users access to applications without requiring them to connect to the corporate network or VPN – they can just connect straight to the application, mitigating the chances of an attack from third-party devices. 

Imagine a financial institution under cyber-attack and its customers being locked out of their bank accounts. SDP would allow customers direct access to their accounts via the bank’s apps – as the apps themselves are ‘ring-fenced’, with SDP providing continual safe access and non-disrupted transactions. In the meantime, the bank’s cyber security team can watch the breach in real-time and work behind the scenes to minimise its impact.

A specialised SDP group can ensure only certain people are allowed access to business-sensitive documents and negotiations – such as mergers and acquisitions. Access is restricted by authentication only and the online addresses are hidden from public view. Information can be shared freely within a trusted circle, without the threat of compromise.

It’s time for the industry to start thinking differently. We owe it to our employers, customers and service providers to look at a new way of protecting our networks.

Article by Verizon associate director of Solution Architecture Lee Field.

Story image
CrowdStrike acquires Preempt Security for $96m, develops zero trust security offerings
With this acquisition, the company plans to offer customers enhanced Zero Trust security capabilities and strengthen the CrowdStrike Falcon platform with conditional access technology. More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Link image
How to leverage backup best practices to repel ransomware
Here's how a ransomware kit with a whitepaper, webinar and 30 day free trial can help your business effectively prevent, detect and restore from a ransomware attack.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
Proofpoint and CyberArk extend partnership to further safeguard high-risk users
“Our CyberArk partnership extension provides security teams with increased detection and enhanced adaptive controls to help prevent today’s most severe threats."More