Multiple Perspectives on Security

Security Journal




New Kid on the Block: Frictionless Security


The mobility and flexibility of modern business practice have created a demand to extend any application to virtually anyone. While this can bring many benefits to organizations, such as enabling employees to work remotely, cutting costs by using the cloud to simplify IT deployment and permitting contractors and supply chain members to self-serve their accounts, there is also a dark side.

Think about it: by extending every application to virtually everyone, each user’s specific needs and uses of the application aren’t being taken into consideration. Does every employee really need to be granted remote access, and does each contractor hired really require the ability to enter the entire network? Of course not; after all, applications that are easier to share are also easier to hack.

The problem lies in the way traditional network security is implemented. Firstly, the traditional approach encompasses too many tools and moving parts, making it hard to manage end-to-end, from server to user. Secondly, too many users are relied upon, creating delays and promoting the use of “Shadow IT” when users are too impatient and simply want to get their jobs done. In a world in which everyone wants to share everything, everywhere, this approach doesn’t make the cut.

What’s needed is a fresh approach that views the security of networked applications as software-defined networking, with one point of control to set security flows from end-to-end. An approach that automatically segments sensitive applications with strong cryptography, so only the designated users can get access, dramatically reducing the attack surface available.

This fresh approach is here, and ready for organisations to deploy. It’s called CryptoFlows, the industry’s first solution for crypto-segmentation of sensitive networked applications. Crypto-segmentation means each application designated by an organisation can automatically be protected by strong encryption with its own keys, isolating each application’s traffic and segregating it in its own network with strong encryption. Organisations can directly control who or which user group or role can access each one of those virtual application networks (CryptoFlows), meaning that even if someone makes it past the firewall, they still cannot access sensitive applications if they are not an authorised user.

With more and more organisations adopting a frictionless security model, it’s important for the limitations of the approach to be recognised. Extending applications to virtually anyone associated with an organisation is bad business practice, and essentially puts critical data and applications in danger of being compromised.

Certes’ CryptoFlow solutions are the world’s first production-proven solution for crypto-segmentation of networked applications. For 15 years, not a single Certes customer has suffered a data breach on any application protected by Certes. To find out more, register for our webinar on crypto-segmentation.

The post New Kid on the Block: Frictionless Security appeared first on Cloud Best Practices.


More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net