Undoubtedly, the biggest threat that businesses have to deal with today is cyber-attacks. From having files and systems locked by ransomware, through to denial-of-service attacks bringing down entire services, there’s never a long time between stories about yet another business falling victim to an attack. Unfortunately, cybercriminals want to access critical applications and steal hot ticket items such as proprietary research, secret recipes, prototypes and confidential personal data to either extort money or even just to create havoc. This problem isn’t going to disappear anytime soon; our 2017 Data Breach Investigations Report highlighted the increased use of ransomware, up to a staggering 50 per cent compared to last year. As a result, cybercrime must be confronted head-on, or the business implications could be ruinous. The disappearing act that can be the best form of cyber defence.
Security outside of the perimeter
Traditionally, physical perimeter security solutions are used to protect against external threats to critical applications. However, the demands of new technologies have stretched perimeters to breaking point. To provide more capacity and flexibility, so these new technologies can be used, most organisations now use virtual environments; placing business-critical systems in the public cloud for easier access. The downside of this is that these put them way beyond their well-defined physical boundaries.
>See also: Five cyber security trends for 2018
By embracing these new digital technologies, businesses have opened up more of their previously fortified systems to enable greater collaboration and productivity than ever before. Employees can have access to critical business information and systems remotely, partners and suppliers can collaborate from anywhere in the world and customers have any time, anyplace connectivity via mobile and online applications. The world has never been so connected and businesses so agile. However, there’s a catch; this new convenience exposes security weaknesses, which cybercriminals are only too happy to exploit.
To counter this vulnerability and improve upon traditional solutions, businesses can now implement security directly into the network layer to help protect against potential breaches of critical data. The adoption of Software Defined Networks (SDN) has made this possible, enabling organisations to embed security into the very foundations of the network, ensuring that it is never just an “add-on” or overlooked.
So what if we just made it all disappear?
The idea of making everything disappear might conjure up images of a street magician making a coin disappear, but it can be a very effective way of stopping something being attacked. Businesses can make use of this tactic by creating a Software-Defined Perimeter (SDP) within the network layer enabling a “non-discoverability” approach to secure access to devices and applications across a public cloud. This means that an organisation can automatically hide application resources and devices from would-be attackers. It also allows the ability to see the attacks in real time and provides businesses with the opportunity to secure critical resources and stop attacks in their tracks.
>See also: When firewalls crumble: how to defend from inside the perimeter
Essentially this means that the network and applications are like an exclusive private club where everyone wants to go. This new approach to network perimeter security serves as the bouncer, controlling who can get in and what they can do once they’re inside. It checks user IDs and devices at the network “door,” then “escorts” them inside for another level of verification before they can join the “party” to use apps and resources. This keeps assets within the network safe and locks undesirables out.
Is a perimeter based on software the right choice for all?
In reality, any business can benefit from having this security system in place – SDP can help to protect anything. For example, a financial institution that is under a cyber-attack could use SDP to provide customers with secure, direct access to their cash via the bank’s apps rather than having to freeze them out of their accounts until the threat is over. By ring-fencing apps through an SDP, banks can provide continual safe access and non-disrupted transactions. In the meantime, the bank’s security/cyber-team will be watching the breach in real-time and working behind the scenes to stop it and minimise the impact.
A different example would be a university that might want to protect research or data that could cause their organisation damage if it was published. SDP would be used to hide this valuable information away from the rest of the world; accessed only by a few researchers with approved access rights. These are just a few of the examples, but an SDP approach really can benefit any type of business that needs to keep data secure or provide safe access to applications.
>See also: Ten reasons for embracing SDN as part of digital transformation
With cybercrime continuing to make the front pages of newspapers, and it being unlikely to decrease in the coming years, companies need to take matters into their own hands and protect the assets they regard as most valuable – rather than making critical information easily accessible via the web. It’s no longer enough to rely on security solutions that protected the fixed perimeters of the past. Today businesses must move with technology; applying new ways of protecting critical information in the age of interconnected systems and applications. By doing so, they can minimise the chance of an unwanted prying criminal eye and ensure only those with permission are able to access data and applications. Putting in place a Software-Defined-Perimeter can be the key to making this a reality.
By Oliver Cantor, Associate Director of Product Strategy at Verizon