Wework_WiFi
Weak WeWork Wi-Fi Network Security Leaves Tenants’ Records Exposed
Reading Time: 4 minutes

With the rise of the mobile and remote workforce, more and more organizations are changing from the outdated cubicle office architecture to the modern coworking space option. Coworking spaces such as WeWork and Green Space offer many different advantages for organizations, from lower office costs, flexibility in working, networking opportunities, happy hours and more. However, along with the advantages there are always some security risks.

Working out of a coworking space might save your organization money and overhead, but it’s important to consider the security implications it presents to your organization’s resources. In the case of the lead coworking space WeWork, massive security risks have grabbed the headlines over the past month.

WeWork’s Lax Wi-Fi Security

Security issues with WeWork’s Wi-Fi network were first introduced in August 2019 in a Fast Company report, which noted that the company “used the same weak passwords and outdated Wi-Fi system throughout all its branches”. WeWork’s lack of password security has gotten to the point that it has regularly been featured on the list of the worst passwords that anyone can possibly use. The report described that WeWork’s Wi-Fi weak security is “laughably weak” and “downright dangerous.”

The “laughably weak” Wi-Fi at WeWork now has resulted in exposing the sensitive documents and data of it’s New York’s Financial District members.

CNET reported that a WeWork tenant named Teemu Airamo who joined the New York shared workspace in 2015 scanned the facility’s Wi-Fi security upon arrival to ensure his organization would not be vulnerable to an attack. Airamo noticed that other companies located at the WeWork were visible on the network and were spilling out an “astronomical amount” of data.

Airamo disclosed the issue to the WeWork management, and despite the Wi-Fi security risk, WeWork never patched the vulnerability. Four years later, this Wi-Fi security risk is still intact. Airamo over the years has continued to run regular scans of the network and found that over 700 devices are leaking information from the WeWork network. The different kinds of sensitive data exposed included emails, financial records, and client databases as well as scans of people’s IDs, their bank account credentials and, quite randomly, a virtual birthday card with a cat photo of Nicolas Cage.

Public Wi-Fi Security Risks 

With 90 percent of Americans using their personal devices for work, employees are constantly at risk of accidentally opening access to company data. To fight off potential hacks on the network or the risk of exposing critical data, everyone needs a better understanding of the different security risks that correlate with using public Wi-Fi networks.

Insufficient Encryption

Many Wi-Fi hotspots have absolutely no form of encryption, or they utilize a weak WEP protocol that can result in a potential security breach.

Poor Password Protection

Wi-Fi hotspots often have widely shared passwords, or even worse, absolutely no password protection. This provides incredibly easy access to hackers to access the network and compromise your data.

Lack of Awareness

Most people are not aware of the different kinds of risks when using public Wi-Fi and assume the network must be secure. In fact, only one in three people can actually tell the difference between secured and unsecured Wi-Fi networks.

Steps to Secure Wi-Fi Network

One of the most popular network misconceptions is that free public Wi-Fi is completely secure. If you’re using public Wi-Fi without the proper protection, you’re potentially putting your organization’s sensitive data at risk. Here are a few measures you can take right now to start protecting your data on public Wi-Fi.

Browse Only over HTTPS Encrypted Sites

When you browse on a website you want to check for a green lock symbol at the start of the URL. This indicates that your traffic is being encrypted through SSL encryption technology and that the data transferred between your browser and the website is secured. However, this method is still vulnerable to SSL stripping.

Enable Two-Factor Authentication

Two-factor authentication (2FA) is a great way to prevent your accounts from being hacked. It ensures that, in addition to your username and password, a second layer of verification such as an SMS code is required. However, in the case of public Wi-Fi, this method only protects your account during the login process, so it isn’t enough to keep you safe online.

Disable Auto Join to Wi-Fi Networks

Many Wi-Fi hotspots are unsecured. However, your phone automatically remembers previous networks you’ve connected to and will reconnect to them even if you don’t interact with your phone. Since it’s important to make sure that the network you’re connecting to is authorized, reliable and trustworthy, you should disable auto-join on your device.

Authorized Access is Key

Many organizations are still relying on outdated hardware-based VPN technology for their secure network access, however, it’s not enough to fight off the new network attacks.

Secure network access must be defended and protected by adopting security strategies, like the popular Zero Trust security model, which enforces multiple layers of verification before granting resource access.

Furthermore, this breach highlights the need to embrace cloud-compatible cybersecurity solutions. According to the Cloud Security Alliance (CSA), Software-Defined Perimeters provide “the ability to deploy perimeters that retain the traditional model’s value of invisibility and inaccessibility to “outsiders,” but can be deployed anywhere – on the internet, in the cloud, at a hosting center, on the private corporate network, or across some or all of these locations.

To prevent similar risks such as WeWork’s Wi-Fi security risks, organizations should use Software-Defined Perimeter technology and the Zero Trust model to ensure secure access by authorized devices, users and locations. They should also seek services such as Perimeter 81 which include advanced or even automatic Wi-Fi security features, ensuring employee communications are encrypted across all Internet connections. With Perimeter 81, organizations can ensure that only authorized connections are being established while leaving their cloud environments completely hidden from attacks.

To learn more about Perimeter 81’s Zero Trust Network as a Service be sure to request a complimentary demo.

Read More
Cloud Security_5_Steps
5 Steps to Improving Your Cloud Security
Reading Time: 4 minutes

The adoption of the cloud has come a long way in the past decade. In the early 2010s “The Cloud” was initially introduced as a buzzword, but today most organizations are employing the cloud for their business. Seventy-two percent of all businesses globally are dependent on some form of the cloud in their daily work life and that number will increase even more for personal use. The adoption of the cloud is changing the way businesses and organizations are running globally as everyone and everything is becoming dependent on technology.

The cloud market is estimated to be worth $411 billion by 2020 and the number will only continue to increase with more and more organizations moving from on-premise to the cloud. 

While cloud usage is rapidly increasing, one of the major concerns for all organizations with the adoption of the cloud is security. Every year we are seeing a continuous increase in the number of cloud-related security breaches leading organizations to carefully contemplate whether to adopt cloud services or stay on-premises.

In the early years of cloud adoption, the cloud was less secure than we know it today. However, service providers have learned from their past mistakes and implemented new security features that can fight off different cloud risks. Better security tools and processes have been developed to make the cloud safer than on-premises solutions in many cases, but for complete cloud security, organizations need to emphasize the priority of cloud security. 

Security Has to Become a Priority 

Organizations are stepping up their adoption of cloud services and are becoming more at ease and familiar with the importance of working securely in the cloud. The reasoning behind the increasing adoption of cloud services is that organizations are implementing the common shared-responsibility model of cloud security which is the idea that organizations and their cloud service providers are in agreement to split up different responsibilities for the cloud deployment. The cloud provider will be responsible for cloud deployments such as networks and operating systems and the organizations will be responsible for the rest. Yet working with well-known cloud providers doesn’t always mean that your cloud resources are secure. It is extremely important for organizations to invest in cloud security in order to avoid security risks in their network and to defend against internal and external cloud threats. However, while this is an obvious priority for security teams, it also needs to become a priority for all employees.

The decision-makers need to have a better understanding and commitment to the importance of cloud security. Instead of just delegating every security risk to the security team, it has to become a decision maker’s issue as well because the result of failure can potentially collapse a business. Any organization may be only a data breach away from catastrophe.

5 Steps to Improving Your Cloud Security 

With the constant threats against networks and web applications increasing, it’s time for a refresher on how to secure your organization’s cloud security in just five steps.

Deploying Authentication Tools

Adopting a multi-factor authentication solution inside your organization provides another layer of security by challenging users to prove they are who they say they are. It provides IT security teams with broad visibility into the organization’s network and application. 

Encouraging your employees to sign in with one or more extra authentication tools on top of their username/password is a simple and efficient way to provide an additional layer of protection.  

Manage Your User Access

Most of your employees won’t need access to every application, resource or critical information belonging to your organization. Setting proper levels of authorization ensures that each employee can only have access and work on the applications or resources necessary for them to do their job.

Stolen user accounts are major concerns for organizations’ cloud security. This headache can be fixed if we limit what users can access. So even though we still require verification for every user, by providing employees with a minimal level of privileges, this will make it harder for hackers to access the organization’s critical resources and networks.

Monitoring User Network Activities

Real-time monitoring and analysis of network users’ activities can help you point out anomalies from the normal activity patterns of your employees. For example, unknown users logging in from unauthorized devices, IP addresses, locations and more.

Logging user data will allow you to prove to auditors that your networks and applications are secure and you can provide a full activity report at any given time and location in case of a serious breach. These irregular activities could display a potential breach in your system, and discovering them early on will allow you to fix security issues.

Encrypt Your Data

By failing to encrypt sensitive data you risk putting both your organization and customers at risk. It is the responsibility of the cloud provider to make sure that data is encrypted, and that the data can be properly decrypted once it’s taken from the cloud. 

IT teams should have the encryption and decryption keys in a secure location, and they should never be stored with the data on the cloud. This encrypted data is very hard to crack, especially if the cloud provider and organization use different encryptions on the data.

Educate Your Team 

One of the key steps for better cloud security is to educate employees. Human error accounts for 90% of data breaches and it can be very easy to accidentally introduce malware into an organization’s network. It is important to train employees on security policies and to explain the rationale behind those policies.

Employees won’t care about creating a strong password or watching for phishing emails if they don’t understand the risks behind them. You don’t need to teach employees about every technical detail in security protocols, but they should know which risks can impact their jobs. Organizations should frequently run training sessions to keep their employees up to date with security best practices. 

Secure Networks with Cloud Security

Improving your cloud security starts with prioritizing the importance of cloud adoption and the correct security hygiene throughout the organization. Start with adopting a Zero Trust Network as a Service that incorporates the Software-Defined Perimeter model such as Perimeter 81, which allows you to deploy authentication tools, manage user access and monitor network activities in all in one platform.

Your cloud security strategy should be flexible and upgraded to cope with the different security threats. By implementing the 5 steps above and utilizing a Zero Trust Network as a Service, your organization will have a more complete and secure cloud security.

 

Read More
Naas_blog
The Rise of Network as a Service
Reading Time: 5 minutes

An increase in innovation in enterprise IT is changing how companies manage every aspect of their business. At the core of this revolution is the rise of cloud computing, which is among the most significant transformations since the launch of the internet.

Before cloud computing technology was available, businesses had to manage their network and resources on-premises, with employees working from one site-centric location. Today, the IT industry is seeing a massive increase in organizations adopting cloud services that use private clouds, which are created independently and used by a single organization. 

As for employees, we are seeing an increase of over 16% of global companies fully employing remote workers on the go and thus make the adoption of the cloud a requirement for organizations moving forward. 

The global cloud computing market is estimated to be worth over $300 billion by 2022. Cloud computing has transformed IT offerings for organizations with cost-effective, scalable solutions to the various needs of the IT teams. Further, it has proven to be a critical stepping stone for the future of how organizations adopt cloud-based networks. 

Cloud Networks May Lead to More Security Issues 

The use of cloud network services is universal—we’ve seen this rise over the past decade to the point where many of our organizations couldn’t function today without the cloud. The ability to quickly upload resources, adopt new applications, and respond in real-time to end users’ tickets allows organizations to compete effectively in today’s ever-changing marketplace. The understanding that sensitive data lives in the cloud and must be protected is critical for cloud adoption growth. Critical to cloud adoption growth is the understanding that sensitive data, now lives in the cloud and must be protected. The cloud also introduces a different set of risks that need to be understood properly in order to prevent potential cyber.

The expansion of cloud services being implemented by organizations means that it can be confusing to clearly understand where and which data is being exposed to risk. Storing data without encryption and lack of multi-factor authentication for access can lead to loss of intellectual property, loss of management control, exposure to malware, compliance violations, massive data breaches with customers and partners and ultimately loss of customer trust and loss of revenue. As we learned in the Capital One data breach, we need a clear understanding of which cloud services are being used and which data is being uploaded in order to implement specific security policies.  

Organizations that introduce company-wide identity access policies provide another layer of security for their employees and their customer’s data. This is where the idea of Network as a Service is introduced. 

What is a Network as a Service?

To understand if Network as a Service is the right solution for your organization, we need to understand what it actually is and why it’s the modern solution for cloud network security

Network as a Service is the model of delivering enterprise network services virtually on a subscription basis. Configuring and operating business networks and protocols routers can be time-consuming and complicated. With Network as a Service (NaaS), the entire network operations can be handled by a third-party service provider, such as Perimeter 81.

Small to midsize businesses are the classic NaaS buyers, however, with the rise of SaaS and other service models, enterprises and large organizations are becoming more interested in the network model. NaaS can also be appealing to new business owners because there is no need for a large investment for traditional network hardware. This model also reduces the amount of staff time required to maintain the network and reduces the level of training and skill required of network staff.

In the NaaS business model, IT Security teams can manage the organization’s network through a portal rather than through network management tools and out of date hardware. A new virtual network can be added to the organization’s WAN by connecting it to the NaaS provider’s nearest point of presence (POP) either directly through a leased line to a nearby data center or over the internet.

Now that we’ve explained the advantages of a Network as a Service, read on to find out how this particular model can benefit your organization. 

Benefits of Network as a Service

Network as a Service will become the ideal business model for delivering scalable network services using a subscription-based application and enables vendors to scale the service by the customer needs and add new functionality and features on-demand. 

Additionally, businesses can easily deploy custom routing and user access protocols. Further, by modifying the content of the network, businesses can efficiently implement advanced network services, such as in-network data aggregation, redundancy elimination and more. 

Here are some key benefits when implementing a NaaS for your business:

Reduced Costs

Implementing a Network as a Service reduces many IT costs including infrastructure, hardware, software, operations, and maintenance. The lowered expenses are due not only to outsourcing but also to the knowledge and expertise that NaaS providers can bring to the table. The right NaaS partner can make the transitional period as smooth as possible, minimizing expenses and mistakes as you implement new processes and equipment.

Continuous Maintenance 

Network as a Service provides a continuous monitoring service to ensure that threats are easily preventable, and notifications can often be configured so that major issues can be identified and resolved.

Enhanced Security

With Network as a Service, service providers can protect and secure sensitive data, applications, and resources. 

Increased Levels of Uptime  

Many Service Level Agreements (SLAs) are created with managed network service providers that guarantee levels of their availability, network uptime, and response and resolving services for addressing network issues. Employing a Network as a Service with a reputable provider is an easy way to ensure these service level guarantees, and provide organizations with confidence that they have a dependable and stable communications system.

The Future of Network as a Service

Software-defined wide area networks have opened new opportunities for network service providers to offer Network as a Service to more enterprise businesses. While organizations today are expanding globally, relying on data and applications on the cloud and driven by the mobile workforce, SD-WAN is addressing the right IT needs. This new network service approach allows security vendors to provide one network with one security framework for all users and applications, which makes IT leaner, more agile. While a software-defined wide area network has played as a strong variable with today’s evolution of the wide-area network, it has successfully encouraged businesses to adopt Network as a Service by bringing a new vision for networking and security to today’s business.

When looking into the future of Network as a Service, another phase is now developing. While still being defined, some of the attributes that are emerging include the expansion of running Network as a Service workload in public clouds.

The transition of running cloud services in the public cloud domain will likely be a gradual process, but there is already an initial demand for this capability for applications. The attraction here is that the public cloud is well-suited to deliver any service that requires cloud computing. 

As a result, future phases of NaaS will continue to expand with the increasing adoption of cloud services. Every business will have its own strategy for migrating to the internet. However, given the fact that Network as a Service is always evolving with the cloud, IT managers will have a lot of different network options moving forward.

We hope you found this post helpful! If you’d like to learn more about the many advantages of a Zero Trust Network as a Service, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

Read More
IT World Awards Blog Post
Perimeter 81 Continues Winning Streak with 12 Awards in the 14th Annual IT World Awards
Reading Time: 3 minutes

Perimeter 81, the leading Zero Trust Secure Network as a Service provider, has been named the winner of twelve different awards in the 14th Annual Network Products Guides 2019 IT World Awards. The wins include Gold for Fastest Growing IT Company of the Year | 11 – 2,499 Employees and Silver for Startup of the Year | Israel. Additionally, Sivan Tehila, Perimeter 81’s Director of Solution Architecture, was recognized in the category of Woman in Information Technology for her work in promoting women in cybersecurity.

The IT World Awards is the Information Technology (IT) industry’s premier excellence awards program honoring achievements in every facet of the IT industry. An annual achievements and recognition awards program with active participation from a broad spectrum of industry voices, the coveted annual IT World Awards recognition program encompasses the world’s best in organizational performance, products and services, hot technologies, executives and management teams, successful deployments, product management and engineering, customer satisfaction, and public relations in every area of IT.

“This prestigious recognition from IT World Awards inspires us to look ahead and continuously seek new, innovative ways to improve our product,” said Amit Bareket, CEO and Co-Founder of Perimeter 81. “We’re continuing to work on transforming the world of secure network access and help businesses of all industries securely move to the cloud and empower their modern, mobile workforce.”

“I’m honored and humbled to be included in an award celebrating such powerful and inspiring women in tech,” said Sivan Tehila, Director of Solution Architecture of Perimeter 81. “It’s exciting to be recognized for my work promoting women in cybersecurity, and I hope I am motivating more women to join the field.”

The full list of awards Perimeter 81 received includes:

Fastest Growing IT Company of the Year | 11 – 2,499 Employees – Gold
Startup of the Year | Israel – Silver
Women in Information Technology | 11 – 2,499 Employees – Bronze, recognizing Perimeter 81’s Director of Solution Architecture Sivan Tehila
Company of the Year | Information Technology Software | 11 – 2,499 Employees – Bronze
Company of the Year | Security Cloud/SaaS | 11 – 2,499 Employees – Bronze
Company of the Year | Security Services | 11 – 2,499 Employees – Bronze
Startup of the Year | Information Technology Software – Bronze
Startup of the Year | Security Cloud/SaaS – Bronze
Startup of the Year | Security Software – Bronze
Hot IT Company of the Year | Information Technology Software – Bronze
Hot IT Company of the Year | Security Cloud/SaaS – Bronze
Hot IT Company of the Year | Security Software – Bronze

About NPG’s IT World Awards

As the industry’s leading technology research and advisory publication, Network Products Guide plays a vital role in keeping decision-makers and end-users informed of the choices they can make in all areas of information technology. The Annual IT World Awards is part of the SVUS Awards® recognition program from Silicon Valley in the United States of America which also includes other programs such as CEO World Awards, Consumer World Awards, Customer Sales and Service World Awards, Golden Bridge Awards, Globee Awards, Info Security PG’s Global Excellence Awards, Pillar World Awards, PR World Awards, and Women World Awards. 

View the complete list of winners

About Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated, complex and hardware-based traditional network security technologies, and transformed them into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali, Perimeter 81 serves a wide range of businesses, from midsize to Fortune 500 companies, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers.

If you’d like to receive a full tour of Perimeter 81’s award-winning Zero Trust Network as a Service be sure to request a complimentary demo.

Read More
Team_BH
Black Hat 2019: Network Security and Beyond
Reading Time: 3 minutes

The 2019 Black Hat USA conference may have come and gone, and we’re thrilled to report a successful and productive (and fun!) experience at one of the industry’s top security conferences. Black Hat is still at the top of our minds, thanks to over one thousand network security conversations that took place at our booth. 

Join us as we look back on last week’s event from start to finish, sharing our key learnings, conversations and booth activities.

Simon Says: Visit Perimeter 81’s Booth

We went all out at Black Hat – we had extensive demos so attendees could walk through our Zero Trust Network as a Service solution and all of its capabilities.

We also made sure that guests were in for some fun! Attendees who stopped by our booth experienced nostalgia by playing the game Simon Says. Each participant that successfully made it to the second stage of the game was automatically entered into a raffle for great prizes. Winners received wireless headphones, retro puzzles, and portable record player.

winners_conference_photos

Presenting at the SentinelOne Booth

Our CEO and Co-Founder Amit Bareket presented at SentinelOne’s booth where he discussed our latest partnership with SentinelOne. The new partnership provides a wide range of businesses, from midsize companies to Fortune 500s, with unified network and endpoint security, ensuring more effective threat defense for the cloud and mobile-first world.

The new integration with SentinelOne’s next-gen solution ensures that endpoints are fully compliant and protected before they join Perimeter 81’s secure cloud-based network.

BH_Amit

Mirage of Industry Experts

During the week of Black Hat, thousands of security experts converge together in Las Vegas to get a better understanding of the security trends in 2019 and forward. This presents a great opportunity for customers and vendors to meet industry experts in person. Our Director of Solution Architecture, Sivan Tehila, had the pleasure of meeting with Richard Stiennon the author of Secure Cloud Transformation: The CIO’S Journey While talking to Richard, Sivan presented our solution and explained how it fulfills the vision of his great book.

Sivan_BH

On the second day of Black Hat, David Spark stopped by our booth for a great conversation about network security. David is the host of one of our favorite podcasts: CISO/Security Vendor Relationship Series.

David_Spark_BH

Great Conference to See Customers

One of the best parts of attending Black Hat has been the opportunity to meet with our amazing clients. Even if it’s just a quick hello or a longer conversation, it’s great to be acknowledged by your customers. While at the conference we had great conversations with eight different customers and each conversation provided us with real-time customer insights of our solution.

Synack_BH

Meeting the Synack team at the Perimeter 81 booth

The ETS-AV team discussing Perimeter 81   

Tessitura Network_BH

Catching up with Tessitura Network at the Perimeter 81 booth

Until Next Time

When it was all said and done, it was a very enjoyable and exciting week, filled with great activities, the opportunity to meet up with old colleagues, and the chance to make some new connections. A big hats-off to everyone who helped make Black Hat 2019 a huge success! We look forward to seeing you at another industry event soon.

Team_BH

Read More
AWS_Marketplace
Perimeter 81 Is Now Available on the AWS Marketplace
Reading Time: 2 minutes

Securing your network access just got easier. Today, we’re pleased to announce that our Zero Trust Network as a Service is now available on the AWS marketplace. Now you can subscribe to Perimeter 81 directly through AWS Marketplace and manage your organization’s subscription through AWS. You can see our listing and subscribe here.

About the AWS Marketplace

The AWS Marketplace is an online store that helps customers discover, purchase, migrate and immediately start using the software and services they need to build products and run their businesses.

A major benefit of the AWS Marketplace is that it is easy to integrate products in your AWS infrastructure. SaaS subscriptions allow AWS customers to not only have a single place to select AWS third party integrated solutions but also to be billed through their AWS account.

AWS Marketplace SaaS subscriptions simplify the process of improving your AWS infrastructure. Thus, allowing you to consolidate the billing of the SaaS products you integrate with your AWS Infrastructure. Now, Perimeter 81 is one of those products.

Benefits of Perimeter 81 with AWS

With our ongoing relationship with AWS as an Advanced Technology Partners and the opportunity to offer Perimeter 81 in the AWS Marketplace, AWS users now have the ability to simply secure their cloud, network, and application access. By utilizing the zero-trust and Software-Defined Perimeter models, Perimeter 81 ensures secure, policy-based access to AWS resources with a cloud-based network hub.

With Perimeter 81’s unified management platform, IT security & DevOps professionals can easily allow AWS users to connect into AWS VPCs and segment team member access based on group policies. Perimeter 81 integrates with Identity Providers, including Okta, GSuite, Microsoft Azure AD, and Active Directory/LDAP. Additionally, we offer a built-in two-factor authentication through SMS/push notification, Google Authenticator and Duo Security.

For interconnectivity with your AWS environment or any other cloud or on-premise environments, Perimeter 81 admins can choose to add a Perimeter 81 Connector to interconnect cloud environments, or an IPsec Site-to-Site Tunnel, to create a secure communication link between two different networks located at different sites.

Once private networks and gateways are deployed, team members – whether they are working in the office or on the go – can quickly and securely access AWS resources with single-click client software which is available for Windows, Mac, iOS and Android. Perimeter 81 admins can audit team activity and enjoy full network visibility with the platform’s Activity Log.

Getting Started with AWS 

Perimeter 81 offers AWS customers a secure usage of AWS services. That means customers must provide their own security through authentication and user access control in order to protect their Amazon cloud environment.  

We understand the impact of cloud migration, which is why we offer an easy-to-use, scalable cloud security solution that provides simple and cost-effective access control and monitoring for your entire security landscape.

If you’re just starting out with Perimeter 81 you can sign up through the AWS Marketplace and have the account connected from the get-go. If you’re already a Perimeter 81 user, you can subscribe through the Marketplace and it will direct you to the login view, which will connect your AWS account once you insert your credentials.

To learn more about how you can secure your Amazon Web Services with Perimeter 81, visit our listing on AWS Marketplace.

Read More
Capitol One Breach
The Capital One Data Breach: How Crisis Could Have Been Averted
Reading Time: 3 minutes

One of the largest hacks in 2019 was made by a former Amazon employee who stole credit card data, including 80k bank account numbers and 140k Social Security numbers affecting millions of Americans and Canadians. Here’s how this crisis could have been averted.

The largest category of information which was accessed is related to consumers and small businesses who applied for credit cards between 2005 and early 2019, according to a statement from Capital One. 

The stolen information included names, addresses, postal codes, phone numbers, email addresses, dates of birth, and self-reported income, as well as other bits of important data that may be used by criminals to carry out fraud. 

Who Let the Data Out?

The cause of the breach was a cloud firewall configuration vulnerability, which Capital One said it has since fixed. The unauthorized access took place on March 22-23, 2019 when the attacker exploited a firewall misconfiguration which permitted commands to reach the impacted server. 

This exploit allowed a hacker to execute a series of commands on the bank’s servers. Once through the perimeter, the intruder commandeered the credentials for an administrator account, gaining access to Capital One’s data stored on their AWS servers. The file contained code for three commands:

The first command obtained security credentials from an administrator account that had access for web application firewalls. The second listed the number of buckets or folders of data in an Amazon Web Services (AWS) database. The final command by the hacker was to copy the data from the Capital One repository. After successfully exfiltrating the data from Capital One’s servers, the hacker posted the stolen data to GitHub for a brief while before dropping a dime on herself on Slack. Despite her use of tools aimed at keeping her anonymous, it created a digital trail for their potential arrest. 

Is Capital One to Blame? 

Data breaches on cloud storage services are occurring more often, primarily because more companies are using the cloud and attackers are seeing this as a fruitful platform. Despite the migration to cloud services, companies are still responsible for their own security even on the cloud. When implementing a cloud storage service there are many financial and logistic benefits but companies must not forget the importance of cloud storage security. 

There is no denying that cloud computing is the way of the future, but when financial institutions that house so much sensitive customer data approach the cloud, implementing the proper security measures is an absolute must. In the case of the Capital One breach, despite being cloud innovators, security wasn’t up to par.   

Capital One has been a major advocate in the banking world for cloud services. The company is migrating more of its applications and data to the cloud and plans to be done with its data centers by the end of 2020. Other financial institutes have been more cautious of implementing cloud services, largely for security reasons.

Cloud-hosting services such as AWS are very appealing to companies looking to cut costs as data centers carry a hefty price tag, often tens of millions of dollars. When it comes to data security, AWS, like most providers, the cloud storage model is the Shared Security Responsibility model. This assures certain layers of infrastructure and software security, but the customer is ultimately responsible for how data is used and accessed.

Clearly, there were mistakes with how Capital One was protecting this AWS bucket as it appears someone was able to access the data it contained pretty easily. The Capital One breach is proof that companies have a lot to learn when it comes to deploying security technology effectively and especially the importance of access to cloud storage must be defended and protected by adopting security strategies.

Stay on Top with Secure Network Access 

Many organizations still rely on outdated hardware-based VPN technology with a distributed management system and other complicated client applications. These systems are complex, costly, require extensive management, and most notably, they are not cloud-friendly.

Access to cloud storage must be defended and protected by adopting security strategies, like the Zero Trust security model, which enforces multiple layers of verification before granting resource access. Furthermore, this breach highlights the need to embrace cloud-compatible cybersecurity solutions. 

To prevent similar risks such as the Capital One breach, organizations should use Software-Defined Perimeter technology and the Zero Trust model to close their cloud environments and SaaS services so that they can only be accessed by authorized devices, users and locations.

The shift to the cloud is inevitable, so it is key that financial institutions also adopt cybersecurity services that are well designed to integrate with major cloud providers. Our solution is based on the Zero-Trust security model and allows direct access to cloud resources and applications while evaluating the user permissions and related metadata. With Perimeter 81, organizations can ensure that only authorized connections are being established while leaving their cloud environments completely hidden from attacks.

To learn more about Perimeter 81’s Zero Trust Network as a Service be sure to request a complimentary demo.

Read More
press release image
Perimeter 81 Partners with SentinelOne to Deliver Fully Automated, Zero Trust Network Security and Endpoint Protection
Reading Time: 2 minutes

TEL AVIV, IsraelJuly 30, 2019 /PRNewswire/ — Perimeter 81, a pioneer in Zero Trust software-defined network access, has partnered with SentinelOnethe autonomous endpoint protection company. The partnership will provide a wide range of businesses, from midsize companies to Fortune 500s, with unified network and endpoint security, ensuring more effective threat defense for the cloud and mobile-first world.

“We’re proud to have helped hundreds of clients ensure simplified, Zero Trust access to their on-premise and cloud environments with our Zero Trust Network as a Service. Now we would like to create an even greater impact,” said Amit Bareket co-founder and CEO of Perimeter 81. “By partnering with world-class cybersecurity vendors like SentinelOne, we look forward to extending the power of our offering in order to provide a comprehensive set of secure network capabilities: Zero Trust Access, Web Security and Global Interconnectivity. The combination of endpoint security and compliance enabled by this partnership is a crucial part of ensuring holistic protection for the Secure Network as a Service.”

“Perimeter 81 helps organizations adopt a Zero Trust architecture, and the combination of our solutions delivers tremendous efficacy in securing the modern enterprise,” said Daniel Bernard, CMO, SentinelOne. “With SentinelOne’s ability to protect every device across the evolving enterprise network, from standard desktop and laptop to IoT, customers can trust the endpoint security of Zero Trust models.”

The rapid rise of Cloud and Mobility has created a mega-shift in the cybersecurity landscape. By 2020, IDC (International Data Corporation) research has indicated that mobile workers will make up nearly 75% of the US workforce1, and worldwide spending on public cloud computing is expected to reach 162 billion USD2. The sheer number of widely distributed network endpoints and the shift from the static, HQ-centered network to the dispersed, user-centric network, pose new and evolving security challenges for today’s organizations, leaving the traditional, 30-year-old network security appliances obsolete.

Perimeter 81’s award-winning Zero Trust Network as a Service is among the first solutions to provide fully customized and automated secure network infrastructure deployment in one holistic platform. The service seamlessly applies adaptive policies based on device, identity and location, so that only authorized users are granted access to critical corporate resources. The integration with SentinelOne’s next-gen solution, which autonomously defends every endpoint against every type of attack at every stage in the threat lifecycle, ensures that endpoints are fully compliant and protected before they join Perimeter 81’s secure cloud-based network.

To see Perimeter 81 and SentinelOne’s joint collaboration in action, visit the SentinelOne Black Hat Booth (#222, BMR 716) at 12:00 PM on Wednesday, August 7, 2019 or 3:00 PM on Thursday, August 8, 2019 for a live demo and interactive presentation.

About SentinelOne

SentinelOne delivers autonomous endpoint protection through a single agent that successfully prevents, detects, responds, and hunts attacks across all major vectors. Designed for extreme ease of use, the S1 platform saves customers time by applying AI to automatically eliminate threats in real-time for both on-premise and cloud environments and is the only solution to provide full visibility from edge to cloud across the network.

About Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated, complex and hardware-based traditional network security technologies, and transformed them into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali, Perimeter 81 serves a wide range of businesses, from midsize to Fortune 500 companies, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers.

Read More
press release image
Perimeter 81 Amplifies Its Global Reach with Ingram Micro Cloud Distribution Agreement
Reading Time: 3 minutes

TEL AVIV, IsraelJuly 23, 2019 /PRNewswire/ — Perimeter 81, a leading provider of software-defined network security solutions, today announced a distribution agreement with Ingram Micro, Inc. to offer its cutting-edge Zero Trust Network as a Service to resellers through the Ingram Micro Cloud Marketplace.

A finalist from Ingram Micro’s Comet Competition in 2018, Perimeter 81 was recently recognized as a Gartner Cool Vendor for “Cyber-Physical Systems and Network Security” and selected by Frost & Sullivan as a Best Practices Award Winner for Software-Defined Access Technology Leadership. Perimeter 81’s Zero Trust Network as a Service is among the first to provide fully customized and automated secure network infrastructure deployment in one holistic platform. The B2B SaaS solution transcends the complex and hardware-based legacy network appliances of the past by seamlessly ensuring secure employee access to critical corporate resources — whether these resources are located on-premises or in the cloud.

“With the rapid rise of telecommuting, personal work devices, and cloud-based services, Perimeter 81’s simplified, software-defined and user-centric approach to network security is a must for today’s modern workforce,” said Sagi Gidali, co-founder and CPO of Perimeter 81. “We want to help as many businesses as possible more easily and efficiently secure their ever-expanding corporate networks and we’re confident that with Ingram Micro’s unparalleled reach and vast expertise in cloud-delivered services, we will greatly advance our efforts to achieve this goal.”

Ingram Micro delivers a full spectrum of global technology and supply chain services to businesses around the world. The Ingram Micro Cloud Marketplace is an ecosystem of buyers, sellers, and solutions that enables channel partners and professionals to purchase, provision, manage and invoice with efficiency, confidence and ease. It removes the complexity in procurement, management and support that is too often inherent in cloud technologies, and enables partners to manage the complete end-customer subscription lifecycle from a single, automated platform that is provided and supported by Ingram Micro.

“Our customers are eager to adopt more manageable and cloud-compatible software security solutions and Perimeter 81 meets this growing demand,” said Michael Kenney, Vice President of Strategy and Corporate Development. “We are excited to broaden the portfolio of cloud services by adding Perimeter 81 to our Cloud Marketplace, which is now being used by more than 55,000 technology partners around the world to manage nearly four million fully-automated seats.”

Some of the highlights of Perimeter 81’s distribution agreement with Ingram Micro include:

  • Resellers can now be at the forefront of a critical cybersecurity market transformation powered by software-defined Security as a Service solutions.
  • For the first time, network managers can leverage a single, multi-tenant platform to build, manage and secure their critical network infrastructures.
  • Through access to Perimeter 81’s Zero Trust Network as a Service, organizations can more easily ensure their valuable on-premises resources, cloud environments and business applications remain fully secured.
  • IT departments can dramatically reduce overhead costs by eliminating the expensive hardware and manual configurations required by legacy solutions.

About Ingram Micro

Ingram Micro helps businesses realize the promise of technology. It delivers a full spectrum of global technology and supply chain services to businesses around the world. Deep expertise in technology solutions, mobility, cloud, and supply chain solutions enables its business partners to operate efficiently and successfully in the markets they serve. Unrivaled agility, deep market insights and the trust and dependability that come from decades of proven relationships, set Ingram Micro apart and ahead. Discover how Ingram Micro can help you realize the promise of technology. More at www.ingrammicro.com.

About Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated, complex and hardware-based traditional network security technologies, and transformed them into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali, Perimeter 81 serves a wide range of businesses, from midsize to Fortune 500 companies, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers. To learn more visit www.perimeter81.com.

Read More
press release image
Perimeter 81 Launches Zero Trust Application Access
Reading Time: 2 minutes

TEL AVIV, IsraelJuly 16, 2019 /PRNewswire/ — Perimeter 81, the leading Zero Trust Secure Network as a Service provider, announced today that it has officially unveiled its new cornerstone solution: Zero Trust Application Access. The service is designed to meet the demands of today’s ever-expanding modern network and ensure fully secured, isolated and agentless access to an organization’s critical web applications, secure shell (SSH), remote desktop (RDP), virtual network computing (VNC) and Telnet in an emulated, streamlined and seamless way, regardless of where employees connect.

Zero Trust Application Access employs multiple layers of user trust and device trust policy validation to authorize employees before granting them swift access to applications in a session that is fully audited and can be recorded and monitored. The solution secures the network, employees, and applications using Zero Trust guidelines, and isolates the applications from the network at all times.

“The corporate network we see today is increasingly user-centric rather than site-centric, and with the proliferation of software services like web applications, IT security professionals are dealing with a rapidly increasing attack surface,” said Amit Bareket, Perimeter 81 co-founder and CEO. “Our Zero Trust Application Access solution simplifies the security measures required by these numerous and widely distributed web services with a unified, multi-tenant and holistic platform that provides full visibility, high availability and precise access control based on user and device trust.”

Perimeter 81’s Zero Trust Secure Application Access complements its Zero Trust Network Access solution, which ensures simple, segmented and secure access to any cloud environment or LAN, including all ports and all protocols, through a secure network layer and single-click, cross-platform applications. With Zero Trust Secure Application Access and Zero Trust Network Access, Perimeter 81 is now among the first Networks as a Service to deliver a complete Zero Trust network security platform for both managed and unmanaged devices as a cloud service.

Perimeter 81 plans to follow up today’s launch by adding further cybersecurity services like Web Security and Branch & Cloud Interconnectivity in order to deliver a fully holistic, unified and user-centric Network Security as a Service platform.

“Our ultimate aim is to build a customizable one-stop-shop for networking cybersecurity, in which one platform, one agent, and one cloud network are used to consume multiple cybersecurity solutions,” added Bareket. “The launch of Zero Trust Application Access is a key step in our efforts.”

About Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service that has taken the outdated, complex and hardware-based traditional network security technologies, and transformed them into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali, Perimeter 81 serves a wide range of businesses, from midsize to Fortune 500 companies, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers.

Read More
Zero Trust Application Access Solution
Perimeter 81 Launches New Zero Trust Application Access Solution
Reading Time: 2 minutes

We’re excited to announce that we have officially launched our new solution: Zero Trust Application Access. This new solution will allow our customers to provide their workforce with secured, Zero Trust access to popular web applications —  without an agent. 

Our new Zero Trust Application Access solution seamlessly employs multiple security layers of user trust and device trust policy validation. With the Zero Trust Application Access solution, employees are validated and granted quick access to applications in a session that will be fully audited and can be recorded and monitored.

Zero Trust Application Access allows you to easily manage application access by creating customized policies with a more granular authentication approach. By applying user identification rules, you can seamlessly and continuously protect your organization’s applications. The identification access rules can be based on network, device, location, work schedule and connection time.

Secure Application Access

Our new Zero Trust Application Access solution is designed to meet the demands of today’s ever-expanding modern network and ensure fully secured, isolated and agentless access to an organization’s critical web applications.

With Zero Trust Application Access you’ll now have: 

  • Fully Audited Access: Secure application-level access by fully auditing, recording and monitoring each session.  
  • Application Deployment Access: Based on customized protocols, organizations can deploy four types of applications: secure shell (SSH), remote desktop (RDP), virtual network computing (VNC) and Telnet.
  • Identification Policy Rules: User identification rules seamlessly and continuously protect your organization’s applications.
  • Advanced Threat Protection: Comprehensive protection against both known and unknown threats, including threats on mobile devices.

Zero Trust Access Principles 

Conventional security models assume everything “on the inside” can be trusted, which is why these legacy technologies are, for the most part, no longer effective. Our new service secures the network, employees, and applications by applying Zero Trust guidelines that isolate applications from the network at all times. 

With unparalleled visibility, control, and threat protection, our Zero Trust Application Access provides a completely transparent experience for all users without needing to modify existing networks.

By implementing Perimeter 81’s Zero Trust Application Access, our customers can experience several technical and business advantages, including:

  • Mitigating Data Loss: Dramatically enhance your security posture and mitigate data loss via visibility, safe enablement of applications and threat prevention.
  • Increasing Efficiency: Simplify compliance with highly effective trust boundaries by segmenting sensitive resources into many small perimeters that are secured based on user permissions.
  • Enabling Mobility and Virtualization: Increase the ability to accommodate transformative IT initiatives such as cloud computing, infrastructure virtualization, user mobility, social networking and more. 
  • Reducing TCO: Reduce total cost of ownership (TCO) for IT security by replacing disconnected point products with a single, consolidated security platform. 
  • Increased Visibility: With audited access to cloud environments, applications and local services, Perimeter  81’s Zero Trust Application Access increases security, monitoring and visibility while reducing help-desk support.
  • Increased Security: By encrypting all data and filtering unwanted traffic, organizations can prevent sophisticated cyber threats from penetrating perimeter defenses. 

Perimeter 81 Zero Trust Application Access complements our Zero Trust Network Access solution, which ensures simple secure access to any cloud environment or LAN. With Zero Trust Secure Application Access and Zero Trust Network Access, Perimeter 81 is now among the first Networks as a Service to deliver a complete Zero Trust network security platform for both managed and unmanaged devices as a cloud service.

Have any product questions or suggestions? Don’t hesitate to contact us at [email protected].

If you don’t currently have an account and would like to experience a full tour of our platform, be sure to request a complimentary demo.

Read More
5 Network Security Mistakes
5 Network Security Mistakes Your Employees are Still Making
Reading Time: 4 minutes

Network security breaches are frequently grabbing the headlines, often with the same angle of how big was the hack, who was affected and what information was taken. The majority of the time, the source of the hacks tend to be influenced by which actor or which technical error occurred. While these data breach stories grab readers attention, we need to rethink how these kinds of hacks really occur.

5 Network Security Mistakes Your Employees are Still Making

Today, companies are increasing their cybersecurity budget by implementing different security solutions to fight off hackers. This is good news as we are not just depending upon best practices. However, there is one security patch that can never be fully fixed the errors committed by the company’s employees.

Every organization is aware of the risk of human error. Employees occasionally commit mistakes, which can hurt the network of their company. However, not all organizations realize how dangerous human errors can be when it comes to the network security of the organization. 

So how do you help lead your employees past some of the common and painful network security mistakes?

Here are the 5 most common network security mistakes by your employees and how to fix them.

1. Using Weak Passwords

One of the most common network security threats is the usage of weak passwords. When passwords are not set using the correct procedures, they can be easily hacked by external actors which will allow them to infiltrate the company‘s network.

Passwords are considered one of the most common forms of security, and they can be highly effective when used properly to protect the privacy of data stored on servers across the network. The use of weak passwords can easily be resolved by educating employees about strong passwords and the part they play in keeping hackers away. For critical and sensitive business data, implementing a stronger password-protection system like periodic expiration of the password and multi-factor authentication can provide an additional layer of security against hackers.

2. Using a Traditional VPN

More and more companies have adopted remote workers and the migration of their critical applications to the cloud. Traditional VPN services are too tolerant, allowing staff to access their company’s network for their day-to-day work. As a result, these resources assume unwarranted visibility and become more receptive to compromise.

Instead of providing your employees with a traditional VPN, you should adopt an organization-wide Software-Defined Perimeter solution. Implementing a Software-Defined Perimeter will allow you to restrict network access and provide customized, manageable and secure access to networked systems. 

Traditional security models are designed to protect the perimeter to fight off threats that try to exploit your company’s network. By implementing the Zero Trust need-to-know model, each employee will gain a customized secure connection to their organization’s resources requiring access.

3. Using Unknown Devices

Employees tend to make the mistake of sharing external USB devices or using unauthorized devices which can be plugged-in any machine on the network. In addition, some employees make the potentially harmful mistake of plugging in unknown USB drives into their laptops that they find around the office.

These devices may contain a virus that could spread from one infected computer to another. Employees should refrain from using these kinds of devices that were not authorized by the administrators of their network. Organizations should set up company policies that prohibit employees from using their own devices which might have been controlled remotely by a hacker.

4. Using Free WiFi Hotspots for Work

Public Wi-Fi hotspots are convenient when abroad on vacation, at a cafe, and at the airport. Remote workers and employees who frequently travel for business often take advantage of public Wi-Fi to work on the go. However, connecting to public Wi-Fi for accessing your company’s network can prove risky to your employees as these networks are easy to hack. Hackers can easily gain access to the company’s confidential and sensitive data.

Hackers can also use public Wi-Fi hotspots to install malware on the mobile devices of those employees who have enabled file-sharing on their system. To fight off the hackers, organizations should advise employees to avoid using public Wi-Fi networks to connect to corporate resources without a secure network as a service solution.

5. Unauthorized Application Installation

Another common security threat by your employees is the installation of unauthorized applications on the company’s network. This can be a critical threat to a company because it just takes a few small installation steps for a small program to take control of the whole network.

This can easily be fixed by revoking administrative access for most employees. Another way to fix this type of threat is by training employees the importance of third-party credibility and authenticity. This can be enough to make employees aware of the threats posed by the installation of unauthorized applications.

Moving Forward 

The human factor is one of the main issues in ensuring the security of corporate systems. More and more often attackers choose to slip into the corporate network by attacking the employees, rather than hacking into the infrastructure directly from outside the perimeter.

To prevent attackers from getting inside your company’s infrastructure, your organization’s employees should be properly educated about security and the risks involved. By properly educating your employees with network security best practices, they will provide an additional layer of defense against hackers attempting to gain access to your network.

We hope you found this post helpful! Feel free to share any network security mistakes that you have witnessed in the comments section below. If you’d like to learn more about the many advantages a Zero Trust Network as a Service, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

Read More