Top Cybersecurity Topics IT Pros Need to Know in 2022
Cloud services have become a cornerstone of individuals’ livelihoods worldwide in the last decade. Workload-heavy systems, now delegated to cloud-based platforms, have helped lessen burdens for various businesses. Mass adoption of cloud protection is approaching and should become mainstream within the next few years. As such, conventional network protection methods are no longer sufficient for cloud-based offerings and their risks. With this new era of opportunities and threats comes the rise of SaaS products. In addition, due to WFH and hybrid work, companies now provide resources to facilitate work beyond the physical walls of the workplace. SASE is the answer to such needs. Although it has yet to be adopted across the board by all sorts of industries, the rapid “cloudification” of services and products that are often essential to businesses both small and large means the coming years will see a greater level of adoption.
What is SASE?
Initially introduced by Gartner in Q4 of 2019, SASE (Secure Access Service Edge) is a relatively recent concept in cybersecurity. It is a cloud-based security service model that provides multiple security capabilities bundled into one package to help users work in a safe network environment, wherever they are. An easy way to think of SASE is as a large variety bag with various brands of chips inside. The SASE framework seeks to provide better performance and protocols without sacrificing security. Thanks to the flexibility of its cloud-based setup, users can access company networks and assets without the constraint of being physically in an office. This approach is not only scalable to the needs of each client but also handles external traffic without burdening data centers. The hardware required for SASE is also far less than for other methods.
How does it work?
SASE solutions can significantly lessen the risk and damage should hackers target a company. In conjunction with protocols set up by IT, attack surfaces are better managed, and the ability to trace a threat and lock down other areas is vastly improved. IT personnel can merge all security and network-based settings and procedures under one management system; the agility and elasticity of the SASE architecture allow changes and adjustments to be made and implemented quickly, even for remote workers. Using an SD-WAN service with a private network helps minimize latency problems compared with reliance on conventional internet services. With a mix of encryption, scanning for malware and other threats, and anomaly tracking, SASE is an always-vigilant guard, monitoring traffic 24/7, even when we are asleep. Identity-based protocols help track, understand, and protect the company’s internal users.
“Cloud-native platforms use the core elasticity and scalability of cloud computing to deliver faster time to value. They reduce dependencies on infrastructure, freeing up time to focus on application functionality instead.”
- Gartner, Top Strategic Technology Trends for 2022
Zero Trust (Concept/Approach)
Zero Trust is a framework that assumes the enterprise can trust no one (quite literally, zero trust). Therefore, users must go through a series of authentication and authorization processes before being allowed internal access to the destinations they wish to reach. This applies to people both inside and outside an organization’s network, leaving nothing to chance. Although in theory this is the strictest form of access and could choke efficiency, both simulation and reality have proven that not to be the case. While not as accessible as the “castle and moat” method with its “once in, you’re in” approach, the additional layer of security has significantly outweighed its potential shortcomings. Because work is no longer done only within a company’s internal network, operating outside traditional (and physical) perimeters results in a more complex environment. Therefore, a more rigorous approach is required.
What does a Zero Trust approach look like?
Imagine going through the airport; customs clearance is necessary, regardless of an individual’s status. Even if someone has entered and exited multiple times, the procedure is still required, for the safety of those within the country. Zero Trust gives IT personnel a more concrete gate system for users to pass through before accessing internal networks and assets. Such a framework includes a clear, live overview of users and traffic and an understanding of action and interaction behaviors. The movement of a suspect within the network, known as “lateral movement,” can be prevented with the Zero Trust methodology. In coordination with the “zoning” strategy of breaking up the network into chunks, ZTA access methods ultimately prevent further unauthorized and unrestricted access and make it possible to shut out the individual.
“What is technology without trust? Digital business requires a resilient and efficient IT foundation at its core. Without a well-designed base, there is no way to scale cost-efficiently.”
- Top Strategic Technology Trends for 2022, Gartner
What would be necessary for Zero Trust to work?
Can you trust any employee who has been with the company for some time? What if their account is compromised? Zero Trust requires constant verification and approval of users’ credentials. A breach does not come only from outside; internal tampering is always possible. This can be either accidental or malicious, and no one can reasonably predict when either will occur. Because Zero Trust insists on authentication for all entrants, regardless of credentials, defense systems stay up and active at all times.
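The per-request verification and “zoning” described above can be sketched as a small policy check. This is an added example, not code from the article or from any product; the zone names, the 15-minute re-verification window, and the Request fields are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

# Constructed zone map: the only (source, destination) crossings permitted.
ZONE_ALLOW = {
    ("workstations", "intranet-web"),
    ("intranet-web", "app-servers"),
    ("app-servers", "databases"),
}
MAX_AUTH_AGE_S = 900  # assumption: re-verify credentials every 15 minutes


@dataclass(frozen=True)
class Request:
    user: str
    roles: frozenset
    auth_age_s: int         # seconds since the last successful authentication
    device_compliant: bool  # result of a device posture check
    src_zone: str
    dst_zone: str
    required_role: str


def decide(req: Request) -> tuple[bool, str]:
    """Judge one request on its own; earlier approvals carry no weight."""
    if req.auth_age_s > MAX_AUTH_AGE_S:
        return False, "stale authentication"
    if not req.device_compliant:
        return False, "device not compliant"
    if (req.src_zone, req.dst_zone) not in ZONE_ALLOW:
        return False, "zone crossing not permitted"
    if req.required_role not in req.roles:
        return False, "role not authorized"
    return True, "allow"


# Constructed scenario: a long-tenured employee's account, request by request.
base = Request("alice", frozenset({"staff"}), 60, True,
               "workstations", "intranet-web", "staff")
SCENARIO = [
    base,                                   # normal access
    replace(base, dst_zone="databases"),    # jump straight to the data zone
    replace(base, auth_age_s=3600),         # same user, stale credentials
    replace(base, device_compliant=False),  # same user, failing device
]

if __name__ == "__main__":
    for r in SCENARIO:
        print(r.dst_zone, decide(r))
```

Only the first request is allowed; the same account is refused when it tries to skip zones, when its authentication has aged out, or when its device fails the posture check.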
Remote Browser (Product)
Think of the user’s browsing activity as conducted not on their device but on servers that run everything in the cloud. The Remote Browser provides a secure air gap that separates the device from the websites accessed and prevents malicious content and potential threats from infiltrating the user’s laptop or mobile phone. The content to be accessed first goes through cloud servers, is filtered, and is then passed on to the device.
VDI, SWG, and RBI (Concept/Approach)
What is VDI?
Virtual Desktop Infrastructure essentially provides users with a desktop environment, usually linked to a data center or central server. VDI deploys that desktop environment to end users, allowing remote work. Positives include troubleshooting and installations, which are done remotely rather than on the end-user device; this also lends flexibility for compatibility. An excellent way to think of VDI is like playing a VR game: you see and interact with all sorts of things through the device, but none of it is linked to the real world once you remove the VR headset.
In many ways, RBI is the expansion and evolution of VDI. VDI, as an earlier iteration, has quite a few downsides. Its hardware and software requirements are much more specific and stringent, giving organizations less wiggle room. RBI solutions are also much more user-friendly in terms of loading speeds, ease of access, and workflow. VDI is much more complex to set up and manage, and far more tedious from start to finish than Remote Browser Infrastructures. RBI also provides greater flexibility, which in this day and age of hybrid work is absolutely vital to getting things done.
“Gartner estimates by 2024, over 90% of VDI projects with goals of saving costs will ironically fail to do so.”
Virtual desktop infrastructures have been adequate but, compared to RBI, are vastly outdated and limiting for most of today’s requirements. The user experience of VDI has also been shown to be much more abrasive and choppy than RBI’s often seamless integration with workflow and networks. Last but not least, the most significant advantage that RBI has over VDI is cost; more often than not, expenses for VDI far surpass estimates.
What is SWG?
SWG (Secure Web Gateway) is typically installed by IT personnel inside the company network, within the physical walls of the office, and applied across the enterprise network. It usually helps prevent unsafe internet traffic from reaching a company’s internal network and aims to protect both the employees and the organization, along with company assets. Not only can access to unsafe sites lead to malicious traps, but even seemingly innocuous destinations may carry hidden risks.
“Browser isolation gives organizations complete control of their web security, delivering full security, usability, IT simplicity, and cost-effectiveness, and all without the end user noticing a difference between native and isolated web browsing.”
- James Derbyshire, BCS, The Chartered Institute for IT
Why should I use a remote browser over a standard web browser?
Traditional web browsers, despite the advantages of preference, familiarity, and more, fall short on security and in other crucial areas, which may put your business and employees at risk. Even with IT setup and other security measures in place, not having an RBI system can leave a significant security hole that can be easily breached, unbeknownst to a user with credentials and permitted access. Now, with a mix of WFH and hybrid work, the dangers that lurk in the outside world of internet connections are exponentially more significant in both severity and chance of occurrence. Puffin Enterprise Security Solution is what you will need in this brave new world of work to equip you and your team with sufficient protection as you enter the battlefield outside the office, both physically and in terms of web access.