The recent announcement by AWS of a physical Snowball EC2 compute platform represents a significant step forward in hybrid cloud/data center computing. When combined with a SDP-based Zero Trust Network, enterprises now have an infrastructure solution that offers a better cost structure, agility and security than any other design.
In the second of a series of blog posts on a Cloud-based Enterprise, we’ll examine how a Secure Enclave utilizes a Zero Trust Network to protect itself from cyberattacks.
Mental inertia. That’s what it is. I have noticed that most professionals contributing to enterprise network security continue to operate under the following tenets which have shaped their behaviors for decades:
- The corporate network is vastly important.
- It is critical to secure all aspects of this vastly important resource.
- Embedding security into the network is the most efficient way to achieve the desired level of security in this vastly important environment.
Three decades of adhering to these tenets have resulted in highly connected global company operations, but at a very high cost accompanied by rapidly diminishing security.
According to the 2017 Verizon Data Breach Investigations Report “81% of hacking-related breaches leveraged either stolen and/or weak passwords.” A solution to this problem is to use Multifactor Authentication to prevent a stolen password from being enough for an adversary to gain access to critical systems. This has been true for a long time. Yet MFA is still only used for specific use cases, like remote access. And even there, not universally. Why is this? It is because MFA has traditionally been what social scientists call “a pain-in-the-ass” for both users and IT.
The corporate network, once a great enabler of business productivity, is rapidly becoming an obstacle. This is leaving CIOs with no choice but to make a strategic withdrawal away from defending global and integrated corporate networks, towards more secure-able and relevant perimeters. There is no other way forward.
This is the first in a series of blog posts examining the Cloud-based Enterprise. In this post we’ll introduce how a Secure Enclave can help enterprises migrate to a pure cloud-based operational model.
Interested in learning how adversaries are attacking SaaS? Check out this new Vidder white paper: Securing Office 365 and other SaaS.
Topics: Securing Office 365
A New Paper Suggests it’s Time to Think Differently about Segmentation
The perimeter protecting the network, once considered impregnable, has been degraded by advanced threats and an explosion in the number of connected devices (and apps running on them) and a new generation of predatory malware attacks.
Since the dawn of the networking era, enterprises built open (flat) networks to offer every user access to (almost) every application. Many of these networks are global, spanning business units and national boundaries with unprecedented connectivity. Amazing. Powerful. Everything and everyone is accessible.