Can SASE Reinforce Remote Voting?

The risks behind remote voting

Election interference is the new normal, or perhaps it quietly has been for some time now. Until recently, though, it has escaped the limelight because the process of voting in most places has barely changed since the dawn of democracy. People show up at their designated voting booth, wait in line, verify their identities and cast their ballots. In the era of COVID-19, however, this idea is more complicated than it once was, and also more compromised.

Obviously, the ideals of democracy must be upheld even during a pandemic in which the pathogen at large is airborne, and people must be empowered to vote even if they aren’t able to stand in line. Especially as an important US Presidential election approaches at the end of the year, the idea of remote voting has emerged as a potential solution to the obstacles put in its place by coronavirus – but solutions must also be found for securing the remote vote itself.

A Rocky Start to Remote Voting

Rather than mail-in ballots, which require immense administrative efforts to corral, count, and authenticate, remote voting would entail using technology to mimic the same processes but in a streamlined digital manner. In the midst of COVID-19, governments have already embraced digital alternatives for physical processes steeped in tradition and respect – just look at the testimony of Dr. Anthony Fauci, who recently appeared in front of the Senate via Zoom.

Thanks to H.R. 965, which was passed in mid-May during the throes of the pandemic, members of the House have been alpha testing remote voting at a very small scale. While Senators must still show up and have their Yeas and Nays tallied on paper, House members are able to send in their votes via encrypted email and have them counted. This is still an early and rudimentary solution, and there’s no doubt that rolling out digital voting to the greater USA or even individual States would require something much more complex.

So far, some States are experimenting with digital voting, but they are doing so against the advice of Homeland Security’s recent report, which highlights remote voting as extremely high risk. This is no doubt a remnant of 2016, when hackers successfully breached online voter registration systems in an attempt to sway results of the election – or simply to test the water in advance of the “real” interference attempts which are soon to come. The wagons haven’t circled yet, and any efforts to advance remote voting now are as undefended as they were then.

Remote is a (Necessary) Risk

Evidence points to the fact that the varied and disparate digital systems that already exist can’t be capably secured, meaning any attempts to institute remote voting will be built on a flimsy foundation and cause even more trouble. This would create an untenable situation in which both election results and faith in the system can be challenged, so any efforts to help US citizens vote from afar must also come with accompanying security technology.

Attempts to secure local and state voter registration systems so far have focused on the lowest-hanging fruit: patching software and hardware, and “backing up” incoming digital votes by writing them down on paper. This approach is smart, because it’s often the most basic exploits that hackers use to disrupt the voting process. The remote voting apparatus, in the States where it currently exists such as Delaware and West Virginia, is extremely flimsy and reliant on a stack of tools that are each capable of being compromised in different ways.

Hackers don’t necessarily need to infiltrate systems and change votes themselves; they can simply disrupt the process by deleting or multiplying votes, adding false data, compromising signature-verification software, or overloading systems via DDoS. This can occur for the ballots, voting machines, Secretary of State or registration websites, and other weak links in the chain. Accordingly, the entire voting flow must be secured from the moment a citizen logs on, through the verification process and until the final vote is tallied.

SASE a Secure Voting Solution

Remote voting is coming whether we’re prepared for it or not, because if you ask election officials, it’s more important to re-enfranchise those who are disenfranchised than it is to secure the systems we use to accomplish it. Though problems are bound to arise, given that in classic federal government style it’s up to individual States and the agencies within them to choose relevant security vendors and solutions, a new type of unified product is emerging that will kill many of these issues with one stone.

Coined by research firm Gartner, SASE is a cloud-based security product that by nature is capable of being integrated directly into all resources in use across government offices, regardless of where they are physically. It essentially weaves an impressive array of different networking and security solutions into each resource deployed in the digital voting process, ensuring that participatory voters and officials across the country are protected, given custom access privileges, and closely monitored for suspicious activity.

If a SASE product is deployed then the State of Florida, for example, could mandate that voters logging into whichever voting application Florida chooses will first need to authenticate with 2FA. During the vote, a SASE product would encrypt the voter’s connection to State applications with IPSec tunnelling, and even automatically disconnect them from the internet if the application should fail. Because SASE is both ubiquitously integrated and built on software-defined architecture, officials tallying votes and doing other administrative election work could be assigned role, location, and even device-specific least-privilege access policies which would limit the attack surface for hackers.

Elections to Evolve in the Near Future

If government IT teams match the variety of remote voting hardware and software with a similarly disparate selection of security tools, then their efforts will be further distracted from ensuring an accurate vote and go instead towards managing their teetering software stack. What’s necessary is one security solution encompassing all tools that States need to protect their voters, and one that fits natively into the systems they’ve already begun implementing and is therefore easily onboarded as other States come “online”. 

SASE looks to be a promising contender, though the security industry has some catching up to do before it’s ready for elections. That’s alright, because poorly deployed security would do more harm than good, and it’s important to be airtight: The point of elections isn’t to pick the winner but to remove any doubt in the mind of the loser that results can be argued. For this reason a robust and proven security solution is necessary if remote voting is to be the status quo.

Perimeter 81 Recognized in Gartner’s 2020 Market Guide for Zero Trust Network Access

Perimeter 81, the Secure Network as a Service solution for the modern and distributed workforce, has been included in the 2020 Market Guide for Zero Trust Network Access by Gartner Inc., a leading IT research and advisory company.

We were named as a representative vendor in the “ZTNA as a Service” category in the 2020 report. This year’s report was written by analysts Steve Riley, Neil MacDonald and Lawrence Orans. Zero Trust Network Access (ZTNA) describes an emerging market in which organizations are advised to replace their outdated traditional remote access VPN technologies with a more modern model that improves security while supporting a larger number of use cases and enhancing the end-user experience.

Unlike stand-alone ZTNA solutions, as-a-service offerings require less setup and maintenance. According to Gartner, ZTNA as a Service solutions like Perimeter 81 typically require provisioning at the end-user or service side and route traffic through the vendor’s cloud for policy enforcement. Stand-alone offerings require customers to deploy and manage all elements of the product. In addition, several of the major IaaS cloud providers offer ZTNA capabilities for their customers. 

What Is the Market Guide for Zero Trust Network Access?

Every year, Gartner publishes the Market Guide for Zero Trust Network Access. The annual report helps security and risk management leaders choose the best ZTNA solution for their organization’s needs, specifically application-centric and demand-driven connections.

In this year’s report, Gartner highlights how digital business transformation is affecting enterprises worldwide. According to Gartner, “ZTNA augments traditional VPN technologies for application access and removes the excessive trust once required to allow employees and partners to connect and collaborate. Security and risk management leaders should pilot ZTNA projects as part of a SASE strategy or to rapidly expand remote access.” (1)

Perimeter 81’s Secure Zero Trust Network As a Service Offering  

Gartner recommends deploying “a ZTNA product that relies on multiple contextual aspects to establish and adapt trust for application-level access” and to “stop relying primarily on IP addresses and network location as a proxy for trust.”

ZTNA, the modern replacement for cloud VPN, removes excessive trust placed in physical networks in favor of adaptive, identity-aware, precision access that is application-oriented.

At Perimeter 81, it is our mission to simplify secure network, cloud and application access for the modern and distributed workforce. To do so, we have built a holistic SASE (Secure Access Service Edge) solution that provides both customizable networking and the highest levels of security.

Unlike hardware-based legacy VPN and firewall technology, our scalable SaaS solution offers greater network visibility, seamless onboarding and full integration with major cloud providers, giving companies of all industries and sizes the power to be fully mobile and completely cloud confident. 

Our cutting-edge Zero Trust network security solution features:

  • Secure Cloud and Network Access 

Ensure user-centric and adaptive, policy-based network access to on-premise resources, SaaS applications, and cloud environments. 

  • Zero Trust Application Access 

Reduce the attack surface. Implement zero trust, fully audited access to web applications (Layer 7) via HTTP/S, SSH, RDP, or VNC, without an agent. 

  • Cross-Platform Endpoint Protection

Enable single sign-on access and two-factor authentication across iOS and Android devices as well as PC and Mac desktops.

  • Site-to-Site Interconnectivity

Bridge the gap with fully customizable networking. Interconnect your cloud environments and different network branches.

Industry Recognition 

Being recognized as a representative vendor of ZTNA as a Service in the 2020 Market Guide for Zero Trust Network Access from such a reputable resource confirms our continuous effort in changing the way organizations consume network security. 

“We believe our inclusion as a Representative Vendor in the Gartner Market Guide validates why leading organizations adopt the Perimeter 81 solution to manage user access to their cloud resources,” said Amit Bareket, CEO and Co-Founder of Perimeter 81. “The Perimeter 81 team has worked tirelessly to deliver a secure, network as a service solution that collectively provides secure networking and data science technologies in a way that overcomes the limitations of traditional security solutions. We feel that to be recognized by Gartner is a tremendous validation for the work the Perimeter 81 team has accomplished.”

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

(1) Gartner, Market Guide for Zero Trust Network Access, 2020, Steve Riley, Neil MacDonald, Lawrence Orans, June 2020.   

To learn more about Perimeter 81’s Zero Trust Network as a Service be sure to request a complimentary demo.

Beyond The Perimeter Podcast: Episode 01 – Turning a Hobby Into a Career

Listen to this podcast on Spotify, Soundcloud or wherever you find your favorite audio content.

We’re excited to have launched the Beyond The Perimeter Podcast: the podcast where we discuss everything security. 

Each week, we will discuss the latest and biggest breaches to hit the news and talk to different security experts to learn about their experiences in the security industry. In this edition of the Beyond the Perimeter Podcast, we tackle the EasyJet Breach and learn from independent security researcher Ryan Nolette how he made a hobby into his career.  

Breach of The Month: EasyJet 

On May 19th, British low-cost airline group EasyJet announced that they had suffered a data breach. They declared that the highly sophisticated cyber-attack affected over nine million customers. Details from the breach included full names, email addresses and travel data such as departure, arrival and booking dates. The breach itself occurred in January 2020; EasyJet notified the UK’s Information Commissioner’s Office at that time, but waited four months to notify its customers. EasyJet did not immediately give details on how the breach occurred, but said it had “closed off this unauthorized access”. It’s most probable that a phishing attack was the culprit of the breach. Our advice for all EasyJet customers is to change their passwords and check for any unusual activity in their bank accounts or suspicious phone calls and emails asking them for further personal information.

For more security tips and insights, I interviewed independent security researcher Ryan Nolette who explained his experience with information security at a young age and how it formed his career today. Ryan has held roles in the InfoSec field and consulted on threat research, incident response, and every level of security operations. He is an active speaker and writer on threat hunting, cloud security, and endpoint security.

Attracted To Information Security From an Early Age

If you ask security enthusiasts, many of them will tell you that their interest in security started at a young age. In Nolette’s case, movies and books about hackers, as well as early discussions with his school IT worker, sparked his interest in Information Security. “Infosec has always kind of been an interest to me. The movies that I was starting to watch, the Hackers trilogy and The Art of Deception by Kevin Mitnick came out and a colleague of my dad at the time told me to go check out that book and it was very interesting actually reading about the experience, the stuff that he went through and then how that related to the movies there.”

This initial introduction grew into more of a personal interest for Nolette. “From there it just kind of really – the interest grew and grew as I started researching the topic more and more. We started off with people doing pranks to each other in class and whatnot. You know, pop out the CD-ROM of your neighbor’s computer, things along those lines and it kind of escalated to well, you take those concepts and now we expand them out into these overarching, more in-depth topics that are enterprise-level and now instead of your adversary being your classmate, now your adversary is whoever the attacker is in the world and it’s just a change in scope and severity. I had a pretty interesting IT or a general worker for our school system that I went to had an open conversation about technology in general and we’ve learned an awful lot about my school’s network and the town network worked through that.”

Learning From Security Experts over the Years

In the late 1980s and early 1990s, the number of places to learn about networks and security was limited. Nolette described how he learned on the go and through experiences. “It was more of a silo for me. I didn’t know those forums existed at the time. How I learned things was from some of my schoolmates who were interested in computers and operating systems. It was definitely an interesting experience and unfortunately, at that time, it was very hard to get the information, to gather if you didn’t know where to go look.”

The times have changed and now it’s much easier to learn security practices from experts around the world. “Now it’s significantly easier since I started in the industry and I’m really, really a big fan of that and that kind of leads into – if you want to get started in the industry, just go to a conference. There are free and cheap ones all over the world. I’m on the East Coast of the United States and there’s a BSides conference in pretty much every state and that’s a wonderful, affordable conference to go to and they handle a very large group of attendees, whether they’re the presenters or the attendees on their own. They really foster a collaborative environment. So you can go in and ask questions. You can attend one day of a conference and learn about 10 or 20 different vectors of security and that kind of lets you figure out what you’re actually interested in.”

Endless Amount of Security Content While Remote

With the majority of the world working remotely, face-to-face events have been canceled. Nolette highlights the different virtual opportunities for security minds like himself to learn remotely. “One of the best things that came about from this is I’m a big Reddit fan. So there’s a couple of different security subReddits and they have curated lists of virtual conferences, free online training and discounted tools and training. They’ve kept them pretty up-to-date and it’s just spreadsheets of these different resources that are available to you. So definitely check that out as a starting point and get a bunch of things online.”

With the current remote situation, the security community has gotten a bit creative to spread their knowledge. “While I know there are a few new conferences that even launched because of the work from home and the virtual conference idea. A new conference is basically going to put all the attendees on a Zoom call without any of the security restrictions on it and just kind of see what happens. So there should be some fun stuff like that.”

You can follow Ryan on Twitter and read his latest content on his Github page.  

If you enjoyed listening, don’t forget to subscribe so you never miss a new episode. Please also consider rating the podcast or leaving your feedback on Soundcloud or wherever you listen.

VPNs Are Out and Scalable Remote Access Solutions Are In

COVID-19 has accelerated the world’s digital transformation and lately this has headed in an inevitable direction: the adoption of remote work. We can no longer assume that employees are working from the office and the “new normal” that the world is experiencing will likely bring about permanent changes to how and where we work. Tech giants such as Facebook, Twitter and Google have announced they plan to keep their employees working remotely until at least the end of 2020, and possibly beyond. While this approach is gaining popularity by the day, it’s far from a new concept. 

Remote work has been a popular method for companies for the past two decades due to benefits like flexibility, productivity and cost-savings. In late 2019, Gartner predicted that by 2020, half of the US workforce would be working remotely. Here we are six months into 2020, and no one could have predicted that 62% of the U.S. workforce would go home to work remotely due to the COVID-19 outbreak. 

Are Traditional VPNs Still Relevant? 

Over the past 20 years, organizations adopted different tools in order to support and secure their remote workforces. The most popular solution that organizations relied on was enterprise VPN technology for remote network access. However, the value that VPNs once provided is diminishing by the day due to organizations’ transition to the cloud, and remote employees no longer need to connect to their corporate headquarters’ network.

Due to COVID-19, the majority of global organizations are requiring that their workforces connect to business resources on the cloud or to the corporate network remotely, creating an overload of traffic on the VPNs they previously implemented. Originally, the idea of installing a remote access VPN was the right approach; however, it’s now providing more cons than pros.

VPNs can expose organizations’ data and resources, making them more vulnerable to different attacks on the remote workforce. The traditional VPN provides remote workers with unlimited access to organizational resources, creating an attractive, ripe environment for hackers to get inside the company’s network. With legacy VPNs, organizations are unable to restrict access to specific network resources, making VPNs one of the weakest points of failure with respect to identity access and credential management as there is no segmentation, audit or control.

VPNs have other limitations, such as a lack of network visibility and a lack of the network segmentation that limits unauthorized user access and supports overall network security. The tech was not designed to deal with the dynamic networks that organizations are creating today. This is due to VPNs requiring constant hardware updates, the need to be properly managed and the absence of network or server flexibility. All of the above make it more complicated to scale and rapidly adjust for new users and network locations, and increasingly difficult to effectively manage hybrid and cloud-based computing architectures.

Scalability: The Key Factor of Today’s Workforce 

The idea that one day an organization may need to increase the number of users to thousands or more is possibly one of the most important factors when deciding which solution to implement, especially with remote access needs. VPNs’ scalability hasn’t been their strongest characteristic; actually their lack of scaling capability to hundreds or thousands of users has been more of an Achilles heel.

VPNs were initially designed to only handle a small percentage of the global workforce. In today’s day and age, with thousands of organizations looking to scale their entire workforce remotely, the need for remote access solutions is more demanding than ever. With a massive increase in users, organizations are seeing congestion and latency in network access and a lack of quality of service.  

In the past, when there were just a few remote workers in an organization, IT teams were required to designate a small amount of network access for them alone. When companies transform to a more remote workforce, organizations will need to adopt solutions that will have the capacity to support their networks and applications for everyone remotely. In the case of VPNs, network over-usage and older architecture results in slower user experience and creates headaches for IT and remote workers simultaneously. 

Additionally, the implementation of new users and networks with a VPN can take up to weeks to fully onboard, creating a major hole in the company’s network. So which kind of solutions should organizations look for when trying to scale access to remote employees?

SASE: The Scalable Model For Remote Access

Instead of thinking about how we can make the VPN more secure, flexible and scalable, we should look for a different secure remote access solution. The answer lies in SASE: Secure Access Service Edge. Unlike VPNs, SASE is a solution for the increasing demand for scalable network access. So what is SASE and why is it the answer?

SASE, which was coined by Gartner in August 2019, is the cloud architecture model that combines the different functions of network and security solutions into a unified cloud security platform. This model, delivered “as a service”, offers scalable secure access to the organization’s resources and networks. The new model will allow organizations to simply connect and secure their networks and remote workers with a cost-effective and instantly integrated approach.

Unlike the traditional networking solutions or modern VPNs, the SASE model recommends that organizations should instead connect their employees and networks on a more user-centric level to a cloud-based service. While in the past, the majority of networks for organizations were concentrated at the central data center for user access, this didn’t provide a suitable model for remote workers. Gartner suggests that this site-centric approach is outdated and not effective as organizations are turning to edge platforms, SaaS solutions and cloud services. While the concept of organizations providing a data center for user access won’t disappear overnight, it will become less relevant as the majority of services are moving to the cloud. 

By adopting the SASE model, organizations will have a more flexible and scalable opportunity to connect remote employees to applications, cloud services, and APIs no matter their location. 

Scaling for the Future 

The SASE model for secure zero trust network access and additional vital security features provides organizations with scalability, flexibility, ROI and most important of all, secure access for their remote workforces.

When seeking the right remote access solution, look past the legacy VPN and change your approach with a more flexible and user-friendly SASE platform to secure your network, resources, and employees. 

Tightening Security on Microsoft Teams

Remember driving down to your local computer store and picking up a shiny new copy of the latest Microsoft Word? Sleek in its box, the neatly wrapped Microsoft product had both disc and license inside, but it also came with something you didn’t bargain for: responsibility for its successful, safe operation. 

As a physical offline copy, security issues in operating this relic of the past could be placed squarely on you. But now that Microsoft Word has gone through multiple cycles of product consolidation and emerged as a vital business pillar, security considerations surrounding the whole Office suite, and now Teams, deserve another look.

Microsoft Teams allows collaboration and communication across the various services that are included in Office 365. Make no mistake, Teams users can be confident in the safety of their data, but when more weight lands on the solution as a productivity cornerstone, it’s smart for organizations to supplement Microsoft’s built-in safety mechanisms.

From discs to on-demand software, the now fully-integrated nature of Teams makes it a powerful tool, but one that sits at the epicenter of a bustling cloud encapsulating both good and bad actors. 

Consolidation of Products, and of Problems

Exemplified primarily by Microsoft, products that were once sold separately eventually congeal into a single platform that offers them all as functions conveniently packaged together. This is what happened to Word, Excel, PowerPoint and other Microsoft software that turned into the Microsoft Office 365 “as a service” solution. 

With Teams, increasing sophistication and connectivity in the name of a good user experience has also created new ideas in the world of security, as most innovations do. Teams represents a single window into the virtual Office, where employees can discuss projects happening in real time, talk over chat, voice or video call, and work on shared documents together. This shiny front end doesn’t reveal any backend complication, but it’s there.

For each “team” you create, the backend gets a new SharePoint site, Office 365 group and other assets in places like OneNote and more. This doesn’t include other integrations that your organization might choose, such as ZenDesk, Salesforce, Mailchimp and other popular platforms. With an impressive level of integration comes an intricately complicated environment for security professionals, especially as companies expand and lean on Teams even more. 

Licenses are online, so much of the functionality that Teams offers is largely available when an organization is connected to the web. Moreover, since November 2019 Microsoft has allowed Enterprise customers to grant guest access to contractors and other non-licensed individuals who work with them. Suddenly, file sharing of sensitive documents and resources is happening outside the network and unfamiliar entrants are streaming in, so managing the chaos becomes necessary.

Integrated Solutions Beg Integrated Security

Both in how Teams is secured and used, and in the tools that IT security teams must enforce for users, care should be taken so that data inside Teams doesn’t sprawl outside of its boundaries, or alternatively, become concentrated and offer hackers a single ripe target. Much like Slack, Teams users can create different channels where they communicate about specific subjects or tasks related to this department or the other. 

While users should be encouraged to create new and different channels for their conversations, it’s crucial to maintain control and ensure that loose ends (dead, repeat, underused channels) don’t occur, and that sensitive information isn’t overly shared or replicated in multiple different places or with people who don’t need to see it.

Integrations are crucial to any organization relying on Teams, and when implemented correctly they are amazing productivity boosters. However, one of the most underestimated issues that occurs in a highly integrated environment is configuration: Sometimes the integration may work well but the most minor settings might create a security gap that leaves the network exposed. 

When many third parties are a part of your Teams installation, whether they’re services or service providers, it’s recommended to layer an extra security blanket over the whole thing. Teams has built-in two-factor authentication, and IT should require it before users are able to log in. Don’t stop there, though: extra effort should be taken to track devices and endpoints, as it will also help IT prevent downloads from Teams to unmanaged devices, or those that haven’t passed through the gates of “Zero Trust”.

Because Teams is a nucleus of business activity and by definition holds assets that might spell trouble in the wrong hands, a strict least-privilege access model should be instituted. Another integrated solution is suitable, but one that simplifies the security functions that can plug into Teams, and with a purpose to remove trust from the equation, full stop.

Teams Turns Zero Trust

In few organizations does each employee need access to the full list of functions and capabilities that Teams provides. Microsoft understands that not every employee will need access to SharePoint, for example, and supports Teams separately as a cloud app for Azure Active Directory and the conditional access policies it offers. To take advantage, however, administrators must ensure that the correct policies exist on all applications inside the Teams installation such as Exchange. 

This can take some maintenance and oversight, so it’s easier to find a more unified, seamless Zero Trust solution where all this is done from a single admin panel. Security providers pursuing the Network as a Service model are already being used for this purpose, and when integrated with Teams are able to better streamline the orchestration of necessary security tools. Network as a Service solutions reside on the network layer and therefore allow organizations to easily define custom access policies for segments of their local and cloud resources (like Teams, or parts of it). 

This way, IT controls which roles, devices, and locations are allowed into specific parts of Teams and other network areas with greater ease. Additional security tools can’t hurt, and add a safety net to Teams in a couple different ways. Though Microsoft has 2FA, Single Sign-On and the encryption of files, a wider array of options is helpful. 

Support for other MFA and SSO providers is nice, as is the option between SSL, IPSec, and WireGuard in terms of encryption, for instance. One idea which should surely not be forgotten is better network activity monitoring. This is one of the most important points for complex Teams installations: logging and monitoring are a linchpin of proactive threat detection and compliance alike.

Integrating these functions directly into Teams doesn’t complicate it. Why? Simply because they’re all offered under the umbrella of a single security provider which integrates directly into Teams and saves IT from fiddling around with different settings between Exchange, SharePoint, Word, Azure, and others. Teams is an amalgamation of multiple useful software tools, but there’s no question that productivity is the primary reason for its existence. That third-party security services improve it is no surprise, and takes nothing away from its impressive reputation.

SASE: Evolving Government’s Cloud and Network Security Strategy

Even though cloud technology has become the new normal for the private sector, it has only a tenuous grasp on government. In 2018, cloud neglect in the public sector prompted the White House to launch its “Cloud Smart” policy, designed to promote the idea that government agencies should begin adopting this useful breed of computing technology.

At the time, relevant agencies didn’t jump quickly on the opportunity due to security concerns such as data storage and the sharing of information. However, the time is now ripe. With cloud computing over a decade old and long proven as a pragmatic solution to many administrative problems, it’s time for lagging governments to bring themselves up to speed. 

Despite some public offices embracing a cloud-first approach or cloud-only policy, the majority of the United States government is woefully behind, and still in the dark about the risks and benefits that come with moving network resources to the cloud. Most concerns circle the notion of privacy or security, but these days they’re addressed more easily than they once were.

Cloud Security a #1 Priority  

In the United States, there are more than 90,000 government offices that comprise a patchwork of different approaches for cloud computing and cloud security. In most cases, local and state governments are more open to adopting cloud solutions and services as opposed to the federal government.

These government offices are finally cluing in to the tangible benefits that the cloud provides: low costs, ease-of-use and higher productivity. With these advantages within reach, ensuring that preferred cloud solutions are secured has become the top priority for governments. Any and all benefits can be ignored if the implemented cloud services or solutions aren’t totally secure, and this is why analog processes have reigned supreme for so long.

As government offices begin to push their networks onto cloud infrastructure and connect them with remote workers and IoT devices, the number of endpoints that hackers can attack has climbed significantly. As we saw in March 2018, the City of Atlanta was attacked by hackers with ransomware that shut down government services for six days. The city was likely a victim of the SamSam exploit on Java-based servers, and the incident is an example of how ditching self-managed hardware for a provider’s cloud would likely add a barrier between hackers and government property.

It is also just one of many examples of how governments have become a more popular target. In response to the growing sophistication of attacks, cloud security must now go beyond malware defense, and so government IT teams are forced to look at the big picture. Instead of focusing on specific types of attacks, they need to promote efforts to gain omniscience within the network. In the past, governments tended to only pay attention to the data leaving their network perimeter, but today they need to be just as cognizant of permissioned users and data being accessed by government employees. The rise of the remote workforce has pushed visibility even further into government IT teams’ awareness.

Taking Control of the Network 

As more governments adopt network security solutions for their work environment, an increasing number of security events and alerts have overwhelmed governments’ security teams, which actually distracts from the idea of better network visibility. IT teams need to have complete knowledge of what is occurring on their network at any given time, across public and private clouds, applications running on the network, and more. Where numerous unqualified alerts create a swarm blocking proper visibility, hackers can use the hubbub to muffle their steps and make a quiet entrance into government agencies’ networks. 

To fight visibility and network control concerns, governments should adopt Security Information and Event Management (SIEM) systems. These systems accumulate the data from different sources and recognize which are outside normal parameters, and also provide an appropriate response. SIEM systems play a huge part in helping IT and security teams to detect and prevent security risks across governments’ infrastructures in an intelligent manner. 

More Solutions, More Headaches 

For any modern government cloud security strategy, it’s often recommended to implement a range of products that deal individually with a wider range of common network attacks. Until recently, this strategy worked well, but now we are seeing that it creates a bigger problem. Adding a large number of products to IT’s stack causes misconfiguration and exposed deployments of various software solutions. This, together with ensuing hybrid IT complexity, is creating a tangle of security challenges for IT teams.

This challenge has a label: “tool sprawl”. It is the idea of investing in a range of security products that work together, yet make it harder for IT teams to manage and orchestrate them in the network. In order to achieve a more flexible and productive network and cloud security strategy, governments have to move away from the multi-vendor tool sprawl approach and look to adopt a unified platform model. It’s especially true for governments that are looking to ensure the privacy and security of their data against outside threats. This is where SASE comes into play.

Perfect Cloud Security Model for Governments 

By adopting edge data security, government agencies can enhance their security hygiene with the help of quicker, integrated, and more elastic solutions that simultaneously keep government employees connected from afar. This approach has become more relevant with the introduction of Secure Access Service Edge (SASE).

Secure Access Service Edge (SASE) was introduced by Gartner in August 2019. SASE is a new cloud-based network security model that combines multiple network technologies delivered as a service, including SWG, CASB, FWaaS and ZTNA with WAN capabilities (i.e., SD-WAN) to support dynamic secure access to organizational assets. The SASE model allows government IT and security teams to easily connect and secure all of their networks and users in an agile, cost-effective and scalable way through the cloud.

By adopting a SASE platform, government offices can enable the delivery of integrated secure network security services that support digital cloud transformation, edge computing, workforce mobility, identity and access management. This new model will help governments get over the hump of doubt that has built up around the cloud. It will allow governments to manage all of their security and network solutions from one platform, fight off new threats and secure employees’ data no matter their location. On the near horizon is a cloud security strategy for the future and one that has no more relevant home than government.

The Digital Transformation Finally Comes to Security

There are few phrases more buzzword-y than “the digital transformation”, but its broad scope means that the term has never meant a static, single thing. Digital technology is always changing, so the organizations that use it are changing as well. Going through a transformation from analog business flows to digital ones is something that started happening decades ago and we haven’t yet found the limit of this idea’s benefits, so it makes sense that there are multiple phases of digitization that have occurred over the decades.

Technology constantly gets smaller, faster, and more powerful, spilling like water into new industries and applicable ideas over time. These include infrastructure assets and machines, operations and business processes such as online payments, eCommerce, and supply chain management, and most of all organizations’ workforces by creating new roles and platforms they use to do their jobs. Much of digitization has been less about technology and more about self-reference, by cleaning up the digitization process itself and simplifying the array of vital tools and processes that pile up.

This is the theme of what is perhaps the most notable trend in the last year, and it comes from an unexpected sector.

Security a Silent Cornerstone of Digitization

In addition to incorporating the cloud into a business strategy or growing your data intelligence department, there’s a background of digitization that makes these processes easier and safer – because the risks inherent in going digital are many. The security sector exists to recognize how this new world is threatened and from where, and is important for ensuring that organizations’ digitization efforts don’t needlessly expose their data or put customers in harm’s way.

Since the 1970s, cybersecurity has been there to respond with pragmatic solutions, when a growing array of technology gets ahead of itself. From the early ARPANET “creeper” which led to the first antivirus program, and through years like 1989 which were devastated by both the first DDoS and malware attacks, it has nearly always taken some digital travesty to shed light on the security industry’s importance. 

Moving storage and services into the cloud is the latest and greatest example. These days, the cloud is a cornerstone of digitization, with migration tools abounding and services like AWS and Salesforce, which come with an arsenal of useful onboarding functions, single-click business processes, storage solutions, and more.

With mobile devices and applications getting more capable, however, data moves farther than ever and changes hands more often. That has given hackers a larger opportunity to steal this data, and so the security sector has had to identify where the gaps appear and how to close them to enterprising bad actors. This is hardly a surprise to those who are familiar with the idea of cybersecurity, but even IT professionals “in the know” aren’t aware of how far along this simple idea has taken digitization in 2020.

Putting Security Ahead of the Curve

Unfortunately, the limits of cloud computing have been tested recently as remote work gets infinitely more popular. In terms of both security and speed, we’ve seen online platforms overclocked and put to the test in greater numbers, and not always with stellar results for IT. The use of many business-critical services together may work, but a greater number of endpoints and carelessly strung together solutions puts even the most diligent IT teams in a bind.

Many organizations realize this, and to lighten the burden they’ve enforced the use of basic security tools like a VPN. While a VPN will raise the lowest hanging fruit for a lazy hacker, it isn’t perfect, and doesn’t make the digital transformation much easier. It just adds another tool for IT to be responsible for configuring and managing, on top of storage, CRM, ERP, and other platforms. The required hardware for a VPN puts a price tag on security in terms of labor and more, and VPNs don’t perform well under the conditions that networks are currently in. IT teams are then learning more about ideas such as Zero Trust security, which lets them segment their networks into custom-sized pieces, and implement unique access policies on top of the capabilities of a traditional VPN.

SASE Reminiscent of Past Tech Consolidation

This has solved some problems but not others. Zero Trust is indeed much better for security and easily scalable, but it’s still another tool stacked on top of the network. The old problem – that knowledge workers only spend 39% of their days actually working, thanks to platform overload – isn’t solved. Teams implementing Zero Trust are indeed considered cutting edge, but the last year has brought a relevant idea into the spotlight: SASE. Billed by research firm Gartner – the acronym’s creator – as a unified network security platform, SASE merges many of the network access and security tools that IT relies on.

With CASB, FWaaS, Wi-Fi security, IPSec tunneling and encryption, multi-factor authentication and SWG all easily consumed in one place, SASE turns ideas that used to be full-fledged and separately consumed platforms into features of a single platform. This is reminiscent of what Microsoft Office 365 did in 2011 – combining multiple pieces of software into a single, cloud-based “as a Service” solution. Now that it’s happening in security, as companies go through implementation in greater numbers the turbulence of the last decade, rife with consecutive record-breaking data breaches, may finally be recognized as a speed bump instead of the status quo.

The 5 Most Common Mistakes That Organizations Make with SD-WAN Security

The traditional brick and mortar, 9-5 office was previously seen as the central database for all employees trying to connect to the company’s network and resources. While this model worked in the past, currently it’s extremely outdated due to slow network connection time to data centers. Instead of placing the networks where the company is based, organizations must rethink how their network architecture needs to be designed. 

While many organizations still make the branch sites the center of networking, they should make their employees’ location the key factor of how their company’s networking should be implemented. Due to the ongoing digital and cloud transformation, employees are seeking quick access to data and company resources in their work environments, no matter their location. 

As a result of the modern employee needs, the once traditional static MPLS connections are not the answer for today’s modern networking between the user and the office branch. Due to the evolving network technology, organizations started to adopt SD-WAN solutions for quicker, flexible, effective, and more affordable networking. 

What is SD-WAN and What are its Benefits?  

An SD-WAN, also known as a software-defined wide-area network, is a virtualized network that is abstracted from data center or branch office hardware to create an easily configurable and scalable overlay wide area network distributed across local and global sites. It’s also an application of Software Defined Network (SDN) technology that is more reliable and scalable than VPN-based WAN solutions because it takes a software-based approach to build and extend enterprise networks beyond the core SDN.

Organizations today can use SD-WAN solutions to connect branch offices to their corporate networks instead of using traditional and expensive multiprotocol label switching (MPLS) connections, firewalls or proprietary hardware.

SD-WANs offer many benefits for organizations looking to leverage the cloud ranging from network topology simplification, internet traffic prioritization, and cost reduction to scalability and integrated security. SD-WAN management solutions allow IT managers to automate deployment and configuration processes of their network which reduces the complexity of managing a WAN network. Additionally, applications can also be integrated and managed from an SD-WAN portal, further simplifying SD-WAN management.

Despite the numerous benefits and the advancement of SD-WAN solutions, most organizations leave security at the door when implementing SD-WAN solutions. 

Security is Essential for SD-WAN Success

When organizations are adopting new technologies, security is the top priority when choosing a service or solution. This is the same with SD-WAN. According to a Gartner survey, 72% of executives see security as their biggest SD-WAN concern.

As each organization implements new networking infrastructures, they need to think and prepare for the different security risks and challenges. Many of the outdated security solutions cannot address these modern security challenges. 

Adding to that problem, SD-WAN falls under most networking teams, which creates an even bigger issue where security isn’t even brought to their attention. Some might say it’s a mix of employees’ neglect or misguided advice but it’s just simply leaving an easy target for hackers to attack your organization’s network. 

SD-WAN Security Mistakes Happen

Some might think that SD-WAN security is simple: you install the solution, it encrypts the data, and then sends it to the user from one location to the next. However, like every other cybersecurity solution, you need to strategize and instead of separating security and networking, you need to think of it as one solution where networking and security go hand in hand. Other security mistakes can and will occur.  Here are our 5 security mistakes that organizations tend to make with SD-WAN and how to fix them:

Not Including SD-WAN Security in Your Organization’s Security Strategy

One of the biggest SD-WAN security mistakes that organizations commonly make is thinking that SD-WAN security is not part of the organization’s overall security strategy. SD-WAN should not be perceived as a standalone solution and just another connectivity tool that provides a level of data encryption. SD-WAN needs to implement the advanced security policies that other networking infrastructures are implementing.  

To avoid further security risks, organizations must implement a more advanced security approach that looks past WAN capabilities and integrates policy-based control rules into their company security strategy. This new approach will allow security teams to monitor the data with a more holistic SDN managed detection response model. By prioritizing SD-WAN security and integrating it into your cloud security strategy, your organization will have an extra layer of defense when fighting off malicious actors’ attacks on your organization’s network.

Treating SD-WAN With a ‘Set It and Forget It’ Mentality

A recurring mistake we are seeing is that organizations put a new technology in place and then move on from it. This is the same issue with SD-WAN. To stay clear of this common mistake, organizations should have an ongoing monitoring and updating strategy in place to make sure everything is going smoothly.

Adopting this always-monitoring approach with SD-WAN will allow organizations to expand network visibility and properly manage their network on a daily basis. The security landscape is continuously changing, and so is your SD-WAN solution, so it’s best to always stay up to date and monitor your network instead of setting it up and forgetting about it.

Encrypting SD-WAN Traffic is a Must 

A major networking challenge that organizations are experiencing is switching from an MPLS connection to a more public broadband connection. Unfortunately, this doesn’t bode well with their cloud environments and services. Due to this, more organizations are implementing SD-WAN solutions to create more private broadband connections that link the cloud resources to the organization’s main network. Adding more and new connections causes a domino effect which results in adding more holes in your network, opening the door to attacks. 

To solve this issue, organizations need to encrypt their SD-WAN traffic to protect the critical information that is being accessed by the organization. It is recommended to adopt a SASE platform that encrypts all network traffic, making encryption a fundamental security layer in your SD-WAN solution. That extra layer of security is essential for organizations to provide a high-performance, secure networking connection to their employees.

Implementing the Wrong Solution For Your Needs 

When seeking the right SD-WAN solution for your organization, you need to consider if this is the right fit for your networking needs. Another common mistake made by organizations is that they deploy another standalone solution or the wrong solution. When looking for a tool that helps with network visibility or device policy management, organizations need to understand whether this tool will secure their network and not complicate the tough challenge of securing the network.

Therefore, the first thing organizations need to check when considering an SD-WAN solution is whether it will easily integrate into their network and security strategy. Adopting the correct SD-WAN solution for the organization will help increase the security posture of the entire network security strategy.

Forgetting about Security Entirely

Ignoring security might be the simplest mistake that an organization can make when adopting SD-WAN solutions. While SD-WAN tends to fall under the networking teams at organizations, the idea of a cost-saving solution usually forgets to include the importance of security.  

Instead of just thinking of SD-WAN as another networking tool, organizations need to include their security teams when managing SD-WAN to ensure the proper security is in place after adopting the solution. While this common mistake is a simple one, it comes with major consequences. Implementing an unsecured solution can open the door to hackers and can create major security issues for the organization’s network and critical resources.

Improving SD-WAN Security

In just over a few years, SD-WAN has shown its great value by providing a quicker and more flexible option for network transformation. Despite their continuous advancement, SD-WAN solutions don’t entirely provide protection against the more sophisticated attacks that we are seeing in today’s network environments.

Moving forward, organizations need to think about which advanced security functionalities need to be easily integrated into their SD-WAN solution instead of treating security as an afterthought. Adopting a more secure SD-WAN solution with the correct security functions integrated will help organizations detect and intercept attacks on their networks.

When Hackers Attack: 5 Essential Security Tips For Working Remotely

Whether working from home or remotely, social distancing has grabbed headlines as one of the most popular buzzwords on the internet due to COVID-19.

Once the World Health Organization declared COVID-19 a global pandemic, the shift to working remotely became a reality. Governments forced all nonessential places of work to close up shop and recommended that all companies who can work remotely shift their employees to a work-from-home model.

While remote work and social distancing have been essential in flattening the curve and the spread of the coronavirus, they open a Pandora’s Box of cybersecurity risks. By having employees work from home, organizations are forced to face the fact that employees’ devices are now the main way that they connect to their work resources. While this might not sound worrisome, it comes with many security risks, especially when coping with hackers and malicious actors. 

More Remote Workers = More Attacks

With each passing day, we are seeing more and more hackers trying to take advantage of the COVID-19 situation to target remote workers with different attacks such as phishing, VPN vulnerabilities, and malware. According to CNBC, the rise of cyber attacks is occurring due to the fact that the majority of companies have implemented an entirely remote workforce.

Due to the increase in attacks, IT and security teams are forced to make quick changes to their security policies and best practices for their remote employees. The in-office, company-wide security policies and training are not adapted to the new reality that hackers are trying to exploit. Now, organizations must depend on their employees to be on the front lines against hackers, making it essential that organizations strategize and plan out employee-friendly security policies.

To Work Securely You Need to Think Like a Hacker

To help global organizations’ remote workforces to learn more about the different security risks we co-hosted a webinar with SOSA, Leading Cyber Ladies, the Israeli Economic Mission to North America, and the Global Cyber Center of NY on April 1st. The panel of security experts included Sivan Tehila, Director of Solution Architecture at Perimeter 81 and Founder of Cyber Ladies NYC, Nicole Becher, Director of Information Security & Risk Management at S&P Global Platts and Guy Franklin, MD, SOSA NYC – Global Cyber Center of NYC. In this webinar, the panel of experts provided their insights on the number of cyber threats facing everyone while working remotely and how organizations should protect their data, resources and remote employees.

5 Essential Tips for Securing Remote Workers

Throughout the webinar, the panel of experts provides great insights into the different kinds of attacks remote workers can face on a daily basis. However, we would like to highlight the great security tips they provided throughout the webinar. You can find them below:

Update Your Business Continuity Plan

One of the most important tips that we can provide to organizations is to update their business continuity plans so that they can adapt to the always-changing landscape of uncertainties. When thinking about the rise of remote workers, organizations need to strategize and plan out how to keep their business afloat while staying secure. 

Take a closer look and assess risks and response technology to decide if you are prepared enough for the new changes in cybersecurity planning. This is an important tip as this division of a business must provide a quick and immediate assessment period. 

Create Strong Passwords and Enable 2FA

One of the most common mistakes that employees can make is using weak passwords. When passwords are not set using the correct best practices, they can be easily stolen by hackers. The use of weak passwords can easily be resolved by educating employees about what makes a strong password and the role they play in keeping hackers away.

Additionally, organizations should enforce the usage of a 2FA solution. Two-factor authentication (2FA) ensures that, in addition to usernames and passwords, a second layer of verification such as an SMS code is required. By adopting stronger passwords and 2FA, employees will be one step closer to working more securely.

Beware of Phishing Emails

When experts think of the most common attack on organizations, phishing is the first thing that comes to mind. Phishing is the easiest way to attack an organization’s employees due to its low cost and familiar presentation as an email. The process is simple; hackers begin by emailing employees an official-looking email that requests that they send them critical information from their work device. Despite it being one of the oldest ways to hack an organization or a user, most phishing emails can easily fool employees. 

To avoid such phishing attacks, they suggested educating employees to always double-check the email address, the tone of the email and the request itself. 

Implement Training and Awareness Programs

Educating employees on the importance of remote security will help them understand the impact they have on their organization. Implementing a security awareness program is a crucial step for organizations’ remote security planning efforts.

The program should cover why security is a joint responsibility for everyone from management to employees by providing clear examples of their roles in the organization and how security may be affected. Employees often make the dangerous mistake of thinking that responsibility for the organization’s security falls solely on the security team, but with the right education and real-life examples, employees will understand the importance of working remotely the right way.

Ditch the Legacy VPN

As most companies have become fully remote during this time, the need for secure remote access has become a must. While you might turn to traditional VPNs in order to access company resources, they are not the right solution to attain policy-based secure remote access today. Traditional VPN services are not scalable for organizations moving their entire workforces remotely and they lack network visibility, which opens the door for hackers to breach an organization’s network and critical resources, without any warning.

Instead of adopting a traditional VPN for remote access, you should look towards a solution that is based on the SDP architecture and the Zero Trust model. By implementing a Software-Defined Perimeter solution, IT managers can customize permissions for those employees who need access to specific parts of the organization’s network. Additionally, by adopting the Zero Trust need-to-know model, each remote employee will receive tailored secure access to only the resources necessary for their roles.

Looking into the Future of Remote Workers

As we see remote work becoming the norm for organizations moving forward, it’s important to think about the different risks that employees are facing on a daily basis. While some might believe hackers are thinking outside of the box with remote workers, they are actually targeting remote employees with the simplest and most effective of attacks.

Looking into the future of business, security teams should adopt a mix of user-friendly security solutions and engaging employee security awareness programs. These are the first basic steps in the direction of total security for remote employees.

April Product Updates: New SIEM Integrations, Amazon S3 and Azure Sentinel

It’s not only the excellent feedback and requests from our customers that push us at Perimeter 81 to seek constant improvement. Our drive towards a complete SASE (Secure Access Service Edge) platform is a goal we’ve always got our eyes on, and we just got even closer. In that light, we’re excited to introduce some important new functionality to our solution this month: integration with Microsoft’s Azure SIEM and Amazon S3.

Smart Networks Lean on SIEM

No comprehensive network security platform should be without the ability to monitor and log the traffic or user activity that takes place. For ensuring total compliance and obtaining awareness of potential network exposure, SIEM (Security Information and Event Management) tools allow Perimeter 81 users to receive security alerts and analysis of events generated by applications and other parts of their networks in real-time.

Starting now, users with an Enterprise plan will be able to integrate their Perimeter 81 platforms with two more popular tools for free alongside our previous Splunk integration: Azure Sentinel and Amazon S3.

Azure Sentinel

A perfect fit for Perimeter 81, Azure Sentinel is a cloud-native SIEM and SOAR (Security Orchestration Automated Response) solution that is known for its scalability and ease of use. Now that it can be integrated directly with Perimeter 81, customers will be able to enjoy smart security analytics capabilities and live threat intelligence across their networks and applications.

Perimeter 81 customers will find it simple to set up a Log Analytics Workspace within our platform and link it to their Azure Sentinel solution, providing them with a unified platform that includes our rich array of network and security functions, and now also alert detection, threat visibility, proactive hunting, and threat response.

For a guide on how to integrate Azure into your Perimeter 81 platform, see our complete integration guide.

Amazon S3

The popular Amazon Simple Storage Service (abbreviated Amazon S3) helps organizations store their network objects and scale easily as they expand. Because it offers better data availability, security, and performance than other leading solutions, organizations around the world rely on S3 to store, manage access to, and protect the enormous amount of data generated by their operations. Perimeter 81 now integrates with Amazon S3, enabling our users to forward data captured on their networks to their Amazon S3 bucket and improve their access controls in pursuit of specific business and compliance goals.

For users who rely on Amazon S3 and want greater visibility over their Perimeter 81 network data, our handy integration guide makes it simple.

Stay Tuned for More

We’re hard at work adding features that complement our already robust Secure Zero Trust Network as a Service solution. Get in touch with us if there are features, functions, or integrations you’d like to see in the future – and keep an eye out for them!

SASE and Zero Trust Are a Perfect Match
Reading Time: 5 minutes

As more and more organizations are shifting their resources and applications to the cloud, we are seeing how edge computing is changing networks. These organizations must enforce policies on their employees for access to the networks and resources which are now in the cloud or on-premises. Additionally, employees are working remotely more than ever and their employers are seeing more applications and cloud services being consumed outside the traditional workplace. 

With the move to a remote workforce, the outdated hardware we once depended on is creating more issues by the day. The traditional network security architectures and solutions that pinned data to the headquarters of most organizations are a thing of the past. The challenge is that these organizations now need to provide their data and services no matter where their employees are located. 

Today, companies are adopting a more user-centric approach, which will provide a flexible network model for the remote workforce and cloud resources and services which must be accessible for employees around the world. This new model is forcing organizations to implement edge networks, connecting users to networks closer to their location and thus providing a more agile and secure access model to their organizations’ networks.   

To protect these networks, organizations typically shop around in the cybersecurity and network security solutions space, which is highly segmented and offers an endless number of different solutions from many vendors. Instead of simplifying the consumption of cybersecurity, these services complicate what should be a smooth transition when integrating solutions into an organization’s network environment. The entire security space needs to join forces and offer a holistic approach to cybersecurity, and this is where the idea of Secure Access Service Edge, or SASE, comes in.

New Kid on the Block

Secure Access Service Edge (SASE), pronounced “sassy,” is a new cloud-based network security model whose name was coined by research firm Gartner. It combines the different functions of network and security solutions into a unified cloud platform, delivered as a service with little or no hardware or appliances required. The key solutions in a SASE platform are ZTNA, SD-WAN, CASB, FWaaS and others. This unified platform will help organizations by simplifying secure access to critical resources and networks. The more streamlined model allows IT security teams to easily connect and secure all of their organization’s networks and users in an agile, cost-effective and scalable way.

Gartner also suggests that SASE offerings will provide policy-based, “software-defined” secure access with more agile and flexible networking, in which an organization’s security and IT professionals will be able to customize the level of security, performance, reliability, and cost of every network session based on the identity of each user and the prioritization of access needed.

SASE enables the consumption of integrated network security services, which promotes the adoption of digital transformation, edge computing, mobile workforces and identity and access management. Beyond more advanced security and networking, key benefits include IT productivity, cost reduction, efficiency and the flexibility to adopt new business services. Additionally, SASE enables organizations to update their security solutions against new threats and establish policies more quickly for the agile adoption of new security capabilities. For organizations looking to adopt the SASE model for their network security, it’s important to implement a solution that hinges on the Zero Trust approach.

Zero Trust is a Process, Not a Product

Zero Trust (ZT) is a decade-old security approach that is based on the idea that organizations can’t automatically trust anything inside or outside their perimeters, but instead should verify anything and everything before granting access. They must also keep an eye on users within their borders at all times, and be able to get a warning when (and where) exposure is imminent. This Zero Trust model to secure network access services allows for the delivery of high-security, enterprise-wide network services virtually, and on a subscription basis for small and mid-market to large enterprises.

“Companies cannot afford to trust internal network traffic as legitimate, nor can they trust employees and partners to always be well-meaning and careful with systems and data. To manage the complexities of their environment without constraining their digital transformation ambitions, many companies are moving toward a Zero Trust (ZT) security model — a more identity- and data-centric approach based on network segmentation, data obfuscation, security analytics, and automation that never assumes trust,” states analyst firm Forrester Research. 

When implementing a Zero Trust security architecture, IT managers must isolate resources within their IT infrastructure using micro-segmentation. By dividing network resources at a granular level, organizations tune security settings to different types of traffic and create policies that limit network and application flows to only those that are explicitly permitted. This network micro-segmentation approach allows security teams the flexibility to apply the right level of protection to a given workload based on sensitivity and value to the business.
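An added example, not from the article or any vendor's product: a minimal default-deny flow evaluator that shows micro-segmentation as described above. The segment names, address ranges, identity groups and the step-up (MFA) rule for flows that jump two sensitivity levels are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed segments (assumption): name -> (CIDR, sensitivity level)
LEVEL = {"low": 0, "medium": 1, "high": 2}
SEGMENTS = {
    "workstations": (ip_network("10.10.0.0/16"), "low"),
    "app-tier":     (ip_network("10.20.0.0/24"), "medium"),
    "patient-db":   (ip_network("10.30.0.0/28"), "high"),
}

@dataclass(frozen=True)
class Rule:
    src: str            # source segment
    dst: str            # destination segment
    port: int           # destination TCP port
    groups: frozenset   # identity groups permitted on this flow

# Explicit allow-list. Any flow not listed here is denied.
RULES = [
    Rule("workstations", "app-tier", 443, frozenset({"staff", "dba"})),
    Rule("app-tier", "patient-db", 5432, frozenset({"svc-app"})),
    Rule("workstations", "patient-db", 5432, frozenset({"dba"})),
]

def segment_of(ip):
    """Map an address to its segment name, or None if it is unsegmented."""
    addr = ip_address(ip)
    for name, (net, _) in SEGMENTS.items():
        if addr in net:
            return name
    return None

def evaluate(src_ip, dst_ip, port, group, mfa=False):
    """Return (decision, reason) for one flow; the default is deny."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return ("deny", "address outside any defined segment")
    for rule in RULES:
        if (rule.src, rule.dst, rule.port) == (src, dst, port) \
                and group in rule.groups:
            # Protection scaled to sensitivity: a jump of two levels
            # (low -> high) also needs a step-up authenticated session.
            jump = LEVEL[SEGMENTS[dst][1]] - LEVEL[SEGMENTS[src][1]]
            if jump >= 2 and not mfa:
                return ("deny", "step-up authentication required")
            return ("allow", f"{src} -> {dst}:{port} for {group}")
    return ("deny", "no explicit rule (default deny)")

if __name__ == "__main__":
    # Constructed flows: (src, dst, port, group, mfa)
    for flow in [("10.10.4.7", "10.20.0.15", 443, "staff", False),
                 ("10.10.4.7", "10.30.0.5", 5432, "dba", False),
                 ("10.20.0.15", "10.10.4.7", 22, "svc-app", False)]:
        print(flow, "=>", evaluate(*flow))
```

The reverse flow from the app tier back to workstations is denied even though the forward direction is allowed, because rules are directional and nothing is implied.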

Today’s digital businesses need security technology partners that offer a range of capabilities that are easy to use and integrate, improve their network visibility and support the ZT model. The modern enterprise places a high value on partner solutions which can apply security controls across environments uniformly and quickly, with features that allow them to modify security policies and access as business needs change. This is where SASE comes into play with a Zero Trust mindset.

Zero Trust in a SASE World

Given that the Zero Trust network access model is geared around data access controls and visibility to organizations’ corporate resources, it’s easy to understand why Zero Trust and the SASE model are a perfect match. The two core elements of every SASE platform are its CASB (Cloud Access Security Broker) and the ZTNA (Zero Trust Network Access) solutions. 

By implementing both CASB and Zero Trust, organizations can control their users’ activity and access based on preassigned rules created by the IT team.

This will allow them to fully monitor their employees’ access to the different resources inside their network. But restricting user access to specific cloud resources based on each user or team of users isn’t the only feature that makes Zero Trust so attractive for organizations looking to implement the SASE model. The importance of complete network visibility is also a deciding factor.

As organizations implement SASE platforms with a Zero Trust model that has CASB, ZTNA and Layer 7 (the application layer) integrated, IT managers have full control and visibility of users’ access throughout their organization’s networks and applications. Additionally, any organization’s Zero Trust solution should be able to integrate easily with their current IAM – for example Azure AD, Okta and MFA.

SASE-compliant solutions such as Zero Trust Network Access will reduce the number of agents required on a device to a single agent or device, with streamlined access policies that do not require user interaction while at the same time providing a consistent access experience regardless of the location or resource requested. By providing Zero Trust protection of user sessions seamlessly and consistently on and off the enterprise network, SASE solutions will offer end-to-end encryption as well as web application and API protection (WAAP) services. Using Zero Trust Network Access, SASE platforms will also extend protection to endpoint devices, protecting remote workers on public Wi-Fi networks. This dual-sided approach is crucial as endpoints pile up and expand their reach into organizational networks from afar.

There is No SASE Without Zero Trust 

As we see organizations of all sizes making a massive shift to a more modern, user-centric model, where the cloud and mobile are the center of attention, we need to adopt an approach that helps them enable better and more flexible security. The model we’ve been waiting for is here and it now has a name: SASE.

This new approach will allow organizations to easily control their security and connectivity all under one platform. However, we must not forget that the Zero Trust model is a cornerstone of SASE and in a way, is a reason it can be defined as “unified”. Implementing Zero Trust alone is a strategy that gets companies most of the way there, in terms of security, but as this approach is delivered as a service alongside other functions, SASE begins to materialize. In the future, instead of thinking that Zero Trust and SASE are each a stand-alone offer, they will both reinforce each other to provide a revolutionary offering.  

The Proper Privacy Regulations TeleHealth Needs Right Now
Reading Time: 4 minutes

When the average American thinks of March, the first thing that pops into their mind is the beginning of spring. Unfortunately, in March 2020, life as we know it changed completely due to COVID-19. While only essential employees are allowed to continue work as usual (with additional regulations), anyone and everyone who is able to work remotely has transitioned from the office to home in order to keep things on an even keel.

This new remote lifestyle has changed the way we live, work, interact with people, and how we approach doctor appointments as well. The healthcare sector quickly implemented changes to provide a more remote experience to comply with social distancing regulations. 

In order to decrease the number of face-to-face doctor appointments, on March 17th the Department of Health and Human Services (HHS) announced they “will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency.”

This popular move has allowed different healthcare providers to implement some of the most popular communication applications such as Zoom, Skype, WebEx, GoToMeeting, and others. Is this move to provide a remote option for patients the right decision for the current situation? 

The Right Healthcare Solution for the Current Situation

With the rise of social distancing limitations and regulations, telehealth services are seeing an overflow of patients requesting a remote doctor appointment instead of a face-to-face one.

As hospitals and governments urge patients to avoid visiting emergency rooms, many are turning to the online option of telehealth, which allows patients to consult with their doctors and specialists over the phone, video or chat. Telehealth video visits can be a successful tool for remotely monitoring and treating patients with mild symptoms who are staying home. Telehealth providers are easily able to monitor a patient’s symptoms and quickly decide whether they should stay home, go to the hospital, or meet their general practitioner.

While telehealth has many benefits for patients, it comes with its challenges for healthcare providers – especially the traditional healthcare companies that did not have a telehealth program in place. Similar to scaling an entire company remotely, implementing telehealth programs takes time to establish the necessary technology, recruit doctors, train doctors about the best virtual practices and teach the patient how to use the platform. 

Healthcare providers that have not implemented a telehealth program yet should educate their patients with internal resources to learn more about moving to digital doctor appointments. In order to allow patients to take part in telehealth visits instead of in-person, providers should frequently provide medical best practices through their website, blog and social media to keep their patients engaged and informed.  

HIPAA Solves Privacy Risks

The surge of patients turning to telehealth services comes with many privacy risks. Instead of doctors having previous knowledge of the patient’s medical history, patients will need to explain more in depth to their new doctors due to the lack of medical records on hand.

The lack of updated records on patients creates a massive privacy issue between the doctors and the telehealth platforms which they are using. Given healthcare’s history of highly sensitive regulations for sharing records and restrictions on sharing patients’ data, this presents a problem for telehealth platforms. Sharing sensitive data over a communication app creates an opportunity for hackers to be a fly on the wall of these more vulnerable conversations between doctor and patient, since communication apps may sometimes be easily breached and represent a trove of valuable patient information. Additionally, hospitals and healthcare providers need to double down on IT and cybersecurity to fight off potential privacy risks. This is where HIPAA comes into play.

Over the years, healthcare has been an attractive target for hackers trying to breach patients’ sensitive records. While medical data and records are some of the most delicate pieces of information out there, the healthcare industry has the right compliance regulations in place. HIPAA and other regulations have been around for years but since the HHS weakened the previous compliance regulations, telehealth is now a more attractive target for hackers.

Now that the government has become more lenient with telehealth regulation rules, enforcing HIPAA with telehealth communication is the right move to provide better privacy for patients.

The Health Insurance Portability and Accountability Act (HIPAA) requires medical providers to adopt data security in order to protect their patients’ information from disclosure. The HIPAA encryption requirement initially sounds a bit confusing; however, it’s much simpler than it sounds. The HIPAA encryption requirements for transmission security state that covered entities should “implement a mechanism to encrypt PHI whenever deemed appropriate.”

In other words, the majority of healthcare organizations are required to be HIPAA compliant and each provider needs to have some level of security for PHI. Healthcare providers are required to encrypt their data unless they can justify why they can’t implement encryption and can provide an equal alternative.

Achieve HIPAA Compliance with Secure Solutions

Tasked with choosing the best way to store, access and back up electronic protected health information, many healthcare technology companies and providers are looking at cloud computing. Adopting cloud-based Network as a Service technology is a great choice in comparison to traditional hardware-based solutions, as it offers scalability, affordability and increased compatibility with cloud storage environments. But remember, the security service you choose must be SOC 2 Type 2 compliant and ISO 27001-compliant and have signed multiple HIPAA BAAs. With these checks in place, a Network as a Service solution like Perimeter 81 for healthcare can offer a highly effective solution for any organization’s HIPAA compliance needs.

TeleHealth is the Future

As we experience global social distancing, telehealth is quickly evolving, as is the way that it presents a remote option for healthcare services. However, potential privacy and security risks could decrease its value moving forward. Soon, we should begin seeing more government bodies authorize and create federal telehealth privacy and security protocols which will help healthcare providers avoid risks to their patients and better show the numerous benefits telehealth has to offer. With the help of the government and the best privacy and security practices in place, telehealth will have the added security to fight off hackers and be able to shrug off questions about its security.
