From the Blogosphere
New Kid on the Block: Frictionless Security | @CloudExpo #Cloud
The mobility and flexibility of modern business practice has created a demand to extend any application to virtually anyone
Sep. 18, 2015 10:00 AM
The mobility and flexibility of modern business practice has created a demand to extend any application to virtually anyone. While this can bring many benefits to organizations, such as enabling employees to work remotely, cutting costs by using the cloud to simplify IT deployment and permitting contractors and supply chain members to self-serve their accounts, there is also a dark side.
Think about it: by extending every application to virtually everyone, each users’ specific needs and uses of the application aren’t being taken into consideration. Does every employee really need to be granted remote access, and does each contractor hired really require the ability to enter the entire network? Of course not; after all, applications that are easier to share are also easier to hack.
The problem lies in the way traditional network security is implemented. Firstly, the traditional approach encompasses too many tools and moving parts, making it hard to manage end-to-end, from server to user. Secondly, too many users are relied upon, creating delays and promoting the use of “Shadow IT” when users are too impatient and simply want to get their jobs done. In a world in which everyone wants to share everything, everywhere, this approach doesn’t make the cut.
What’s needed is a fresh approach that views the security of networked applications as software-defined networking, with one point of control to set security flows from end-to-end. An approach that automatically segments sensitive applications with strong cryptography, so only the designated users can get access, dramatically reducing the attack surface available.
This fresh approach is here, and ready for organisations to deploy. It’s called CryptoFlows, the industry’s first solution for crypto-segmentation of sensitive networked applications. Crypto-segmentation means each application designated by an organisation can automatically be protected by strong encryption with its own keys, isolating each application’s traffic and segregating it in its own network with strong encryption. Organisations can directly control who or which user group or role can access each one of those virtual application networks (CryptoFlows), meaning that even if someone makes it past the firewall, they still cannot access sensitive applications if they are not an authorised user.
With more and more organisations adopting a frictionless security model, it’s important for the limitations of the approach to be recognised. Extending applications to virtually anyone associated with an organisation is bad business practice, and essentially puts critical data and applications in danger of being compromised.
Certes’ CryptoFlow solutions are the world’s first production-proven solution for crypto-segmentation of networked applications. For 15 years, not a single Certes customer has suffered a data breach on any application protected by Certes. To find out more, register for our webinar on crypto-segmentation click here.
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week