Here’s Why It Matters
In a “tip of the hat” to how polluted devices and networks have become, VMware and Verizon announced new service offerings to protect applications from cyber attacks. VMware announced AppDefense at VMworld a few weeks ago. Vidder announced yesterday that its technology is being integrated into a new Verizon Software Defined Perimeter managed service for protecting high value apps from advanced threats.
These announcements matter because they mark a break from traditional thinking about security, from hardware to services and from network security to applications and access control.
Why think differently about applications and access control? Increasingly powerful doses of cyber security reality are hitting overworked security teams:
- defending apps and networks with traditional firewalls and network access control solutions is futile at best, even in firms with large security budgets;
- exploding populations of endpoints will never be secure enough on their own to protect the critical systems they can access;
- enterprise security faces increasing skills shortages, complexity and process creep just as attackers are getting faster and more capable; and
- application-centric access control is becoming strategic, especially for high value apps supporting users who demand LAN and remote access.
Clearly VMware and Verizon both see the writing on the firewall. A new Gartner report shines more light on the coming radical transformation of what was once a bastion of network security (see Secure Web Gateways by Pingree and Contu, published Sep 12, 2017). Think firewall-as-service in the future.
Until the firewall disruption arrives, the focus needs to be on protecting high value apps from attacks that today easily penetrate firewalls and network access control defenses. Petya, for example, spread from its targets in Ukraine around the world in a matter of days, and was responsible for shutting down everything from hospital to shipping company systems.
Developing a Zero Trust Strategy
Synergy is key: New app-centric services can add more powerful capabilities to existing security teams without the headaches of adding new layers of increasingly complex static security infrastructure.
Your team gets closer to the notion of zero trust, not just for networks but devices as well. They can start by prioritizing security for high value applications, especially those with complex access demands. Then focus on high value apps with simpler access demands.
When endpoints and networks are polluted, trust needs to be established for any user to access any high value application. Think Trusted Access Control: a powerful defense for key apps that augments existing resources and is delivered as a service.
Your security infrastructure is then augmented with specialized software and services that protect apps from malware and credential theft. Access is granted only after trust is established, and only to a specific application.
Related: After extensive tests and hackathons, Verizon recently field tested Vidder technology by securing real-time, live-action first responder communications at Operation Convergent Response last June in Perry, Georgia. For more information, check out Junaid’s blog.
Read the news coverage related to the Verizon and Vidder software defined perimeter technology partnership.