Business Continuity Plan Blog Post
Business Continuity Planning: 5 Actions CISOs Need to Take Now
Reading Time: 4 minutes

Organizations around the globe are engrossed in one of the major network revolutions of all time. The COVID-19 pandemic forced organizations to quickly adapt to different challenges over the past six months. With the sudden transition to working from home, organizations were required  to rethink their digital strategy in order to deal with the new normal.   

Remote work policies are changing the way we work. As new remote technology is introduced into the organization strategy, it’s important for the entire organization to understand the importance of how it affects their daily work routine. 

With the changes in technology and the location of the working environment, the organization’s management team needs to think about the different challenges facing them. One of the more important but less headline-grabbing threats that all businesses need to think about is their business continuity plans.

Business continuity is coming up with a plan for a company to deal with serious incidents and disasters in order to ensure the business can continue functioning within a reasonably short period. In the case of COVID-19, most organizations were unprepared for this unprecedented shift to remote work, something they had not previously considered and therefore not included in their business continuity plan. Too often we see business continuity plans to be over technical or high level for the casual employee which usually results in the lack of actual actionable items to implement. 

Now that we are currently over six months into the new reality and remote work is inevitable for the foreseeable future, organizations should be updating their BCPs. Chief Information Security Officers (CISO) and Chief Information Officers (CIO) have invested time and responsibility in the effectiveness of their business continuity plans. In today’s day and age, a cybersecurity strategy is an integral part of keeping businesses running while workers are remote. 

In order to gain insights into actions that CISOs can take to improve their organization’s business continuity plan, we spoke with experts who gave us their top tips. 

Be Involved In the Process But Delegate

Business continuity is an essential part of the survival planning for every business and organization. Too often it is erroneously assigned to the Information Security leader when in essence it is a business project and process that involves the key decision-makers in the C-Suite. Of course, a good CISO needs to be involved in the process, but should not own it.

“Any viable Business Continuity Plan must be tied and coordinated with a Disaster Recovery Plan. Essentially, a business must go on regardless of any type of interruption. If that requires manual systems to be brought up and be put into place, which is sometimes the case, then a good contingency plan to do this must be well-thought-out and everyone needs to know their part. Building a Business Continuity Team is the important first step and as it must include sponsors at the decision-making level. Additionally, the CISO, CIO, CFO, Legal, Human Resources, and Risk also need to be on this team.” – Richard Greenberg, Founder and CEO of Security Advisors LLC.

Make Sure Recovery Locations Are Useable

One of the biggest lessons people have learned during the pandemic is that business continuity planning needs to account for the fact that the recovery location(s) might also not be usable. The option of working from home was always viable but it was assumed by business continuity planners to be only a few employees and not the entire business. 

COVID totally put that idea out to pasture. The idea that everyone would have to work from home was a total game-changer. Organizations were caught without equipment to make WFH viable thus having to rely on bring your own device (BYOD) which brings a lot of potential risks as well as finding ways to minimize and manage those risks. Some had to re-engineer multi-factor authentication (MFA) to allow for use of Google and Microsoft Authenticator solutions by their employees. They found that their infrastructure was unable to scale, even in the cloud.” – Jeff Hall, Senior Manager of Auditwerx.

Don’t Forget Security

An effective business continuity plan enables employees to continue their work safely and effectively, no matter the circumstances. When working from home, cybersecurity should be one of the main aspects of the continuity plan. 

“To make security stringent your company should follow basic and advanced cybersecurity measures. Always prefer using a secure remote access solution as it provides you with security and privacy over the internet. Similarly, always encourage using systems issued for office work only. Additionally, make sure that your official documents are only shared with the restricted persons this way no irrelevant person will be able to open it even if it’s shared over email. “- Shahid Hanif CTO and Co-founder of Shufti Pro.

Educate Your Employees

Educating your employees about the new security protocols and technology being implemented is an integral part of business continuity. This requires more than just a single briefing, but instead, a regular and ongoing plan of educating employees. 

“With everyone working remotely, it’s a mistake to suggest that the business security only falls on the IT and security teams. Organizations should schedule a virtual security session to prepare employees with the new tools and protocols that the business has implemented. Additionally, security teams should educate employees about the different security risks and attacks that are on the rise with everyone working from home. By educating your staff you will be one step ahead of potential attacks and risks inside your organization.” – Sivan Tehila, Director of Solution Architecture of Perimeter 81.

Test Business Resiliency Capabilities

Given the new and possibly unique user requirements working from home under the current circumstances, are real-time operating systems and a recovery point objective and determined in a pre-COVID world still reasonable, logical, appropriate under the current operating conditions?

“By continuously testing your ability to recover critical business processes with your entire recovery team not being physically in the same location you will be more as a business. I suggest that you check if you can effectively coordinate your recovery team and individual assigned duties via communications tools such as Zoom and Webex. Additionally, you need to check if individual recovery team members have, at their home locations, sufficient Internet capacity to coordinate recovery activities (with multiple other company employees), while at the same time competing for local bandwidth with other in-home Internet capacity demands.” – Al Marcella, President of Business Automation Consultants.

Moving forward 

While COVID-19 will pass, the different actions and experiences can help businesses moving forward. With the right business continuity plan in place, you can provide transparency with your business in the case of recovery should another pandemic or emergency occur. The stronger the business continuity plan the fewer future headaches. 

Read More
Choose SASE for better performance and security
Don’t Neglect SASE’s Impact on Network Performance
Reading Time: 3 minutes

In the end-of-2020 cybersecurity word cloud – a swarm in which floats the most frequently seen, heard, and spoken words in the industry – one four letter acronym will appear bigger and bolder than all the rest: SASE. When discussing Secure Access Service Edge, most of the excitement surrounds its unifying characteristics and how IT finally has a consolidated tool for both networking and security from the cloud.

SASE will improve security and make it easier to achieve, but along with this simple idea comes other benefits. Anticipated less frequently (given that these solutions aren’t being widely consumed yet) is how SASE also delivers better performance across the organization in terms of throughput and productivity. Performance is a complement to the security delivered to companies, thanks to multiple factors including SASE’s presence on the edge, its low-touch quality in terms of IT effort, and the clarity it brings to networks.

A Measurable Network Boost

A central tenet of SASE is that the network is no longer organized around resources that are held in the headquarters, so security needs to match this arrangement. SASE therefore exists in the cloud where its network security functions can be easily integrated into both local and cloud architecture, and managed from a single panel. 

Key to the networking chops of SASE is that providers with a global backbone of data centers are able to put resource access portals closer to where employees and branch offices reside. Instead of every employee connecting to the same resource through a single point, they can do so with their individual devices through gateways nearby. This offers employees around the globe lower-latency access to the tools they need for work.

Speed is increased further due to the lower amount of network congestion that occurs due to SASE’s user-focused access policies. Because it’s built on SD-WAN, organizations using SASE for distributed, secure remote access are able to also create custom rules for certain sources of traffic. This reduces the bandwidth allowed to low-priority users or guests on the network, for example, and it all happens with rules that trigger based on granular qualifiers such as location, device, role and more. With the visibility that SASE provides over network endpoints and resources, it’s easy to “direct traffic” autonomously and efficiently.

Finally, since SASE is a unified solution, customers of a single SASE provider such as Perimeter 81 have multiple choices even within individual security tools. For example, if a company’s network is seen to enjoy faster connection times and lower latency while using the WireGuard encryption protocol, instead of the IPSec or SSL protocols available with other vendors, then they can freely switch to it or even create rules that determine under which traffic conditions these various protocols are applied.

For IT and Employees, SASE Aids Productivity

With traffic controls, segmentation, better visibility and local gateways pushing resources to the edge, it’s no wonder that networks on SASE run seamlessly and smoothly. However, that’s only half the equation. SASE also reduces costs and simplifies the processes that IT engages in, which improves departmental performance significantly.

IT employees no longer have to navigate several different misaligned security solutions each with various ways to control access – they need only to login to their centralized SASE panel, on which all functions related to networking (access policies, segmentation, creation of users and groups, traffic rules, gateway building etc.) and security (enforcement of tools like 2FA, DNS filtering, encryption etc.) reside. 

The sheer amount of time saved maintaining, patching, configuring, and returning to the same tools every time the organization adds a new resource or user is astounding. Not only does this cut costs in terms of the raw number of solutions managed by any organization, it also cuts the burden of time invested from IT’s side, and gives IT managers more leeway to assign proactive, performative, and potentially profit-seeking IT activities to their staff.

With SASE as a multitool – almost a Swiss Army knife of network and security functionality – organizations can clean house and quickly consolidate the various security vendors and subscriptions they used to consume. Suddenly having the same total utilities but concentrated into one tool is a self-explanatory advantage, but the residual benefits – mostly performance related – will be more visible as SASE gains market share.

Read More
Podcast Ep.4 - Blog-min
Your Security Strategy Is Only as Strong as Your Security Hygiene
Reading Time: 4 minutes

Listen to this podcast on iTunesSpotify or wherever you find your favorite audio content.

In this edition of the Beyond the Perimeter Podcast, we discussed the Promo.com data breach and interviewed Sivan Tehila, our very own Director of Solution Architecture,  to gain her insights about security hygiene. 

Breach of The Month: Promo.com

On July 21st, Israeli marketing video creation site Promo.com announced that a database, which contained over 22 million user records, was hacked and leaked for free on a hacker forum.

The data included users’ email addresses, names, genders, geographic location, and 2.6 million of the users, their passwords. This leak included 1.4 million cracked passwords, which is when passwords are decrypted and could immediately be used by attackers.

After the public leaking of their database, Promo.com announced a data breach notification saying they became aware of a vulnerability on a third-party partner’s service that affected their data. If you are a customer of Promo.com, I suggest you should immediately change your password to one that is strong and unique.

If you use that same password on other sites, it is strongly advised that you change your password to a unique one at those sites as well. A password manager can make it much easier to use unique passwords at every site and is highly recommended.

In this episode, I talked to Sivan Tehila to get a better understanding of the importance of proper security hygiene and why it’s a shared responsibility between employees and organizations. 

Military Experience Shaped Her Career

Many career coaches will bring up the idea that your life experiences will help mold your professional career over time. This was especially true for Sivan when it came to her time in the IDF. “I started my security journey in the Israeli Defense Forces as a cybersecurity specialist. If you would ask me before I joined the army, if I would work in cybersecurity as a career, I would say no way. But thanks to the IDF I was exposed to the fascinating world of cyber and the fact that I had a chance to participate in cybersecurity operations and to get that perspective from the army, I fell in love with the dynamic profession. It makes it even more interesting to me and that’s why I love the cybersecurity world, that no day looks like the day before.”

When asked which cybersecurity tendencies she uses in her day to day life in cybersecurity professionally, Sivan discussed how people need to embrace the day to day uncertainty in cybersecurity. “The fundamental thing in cybersecurity is to understand that no day looks the same as the day before. By people understanding and embracing uncertainty it will help them to manage their day to day life.”

Sivan believes the same approach should be taken when it comes to cybersecurity strategies. “I believe that by building a cybersecurity strategy, it’s the right thing to do before you start any project in cybersecurity. You need to understand the environment, threat factors and the attack factors. By having a better understanding of the situation, you will be able to manage and build different solutions for each environment while still being able to operate in such a dynamic environment and responding in real-time in case of an incident. We’re seeing it now with the current situation with the pandemic and the fact that many companies are practicing for the first time their business continuity plan.

“If you have a strong strategy and an updated business continuity plan, you could succeed and get over this crisis. But if you don’t have it, it just takes more time and more effort to be able to overcome this challenge.”

Organizations Are Not Thinking About Security  

The lack of security hygiene for organizations and its employees isn’t new especially when it comes to modern cybersecurity. According to Sivan, the current pandemic highlighted most organizational security mistakes. “When COVID-19 came most companies focused more on the communication between their employees and the company and less on security. Organizations were more worried about how they could communicate via Zoom. I think many of them left the security procedures behind and when they understood that they had to worry about security, for some of them, it was late. It was the regulations that enforced them to apply security procedures and policies.”

When asked about where she learned her security insights and how organizations can implement them, Sivan mentioned how most organizations lack security awareness. “I experienced many security incidents during my service in the army and when I worked for different defense industries in the private sector. The most common issue I experienced was that most organizations lack cybersecurity awareness. The best way to learn and improve awareness is by building a stronger security strategy. An example I experienced was when I built security campaigns and I created a phishing campaign in one of the companies that I worked with. When I scheduled a phishing campaign and I got an email the morning later with the campaign that I created and I did such a great job. So I was the one who clicked the phishing email. I think that was a moment when I understood that it can happen to everyone and that we all are vulnerable.“

Security Hygiene at the Forefront 

When discussing if employee security hygiene is strong, Sivan commented on how employees need to be properly trained. “I think it’s an ongoing process. I mean it’s never enough to just do one time an awareness workshop in a company. It’s something that you need to train your employees all the time. Awareness is something that you should build over time while you need to make sure you keep your employees aware.

“In order to make sure your employees are up to date, training is not enough. For example, organizations should run quarterly phishing campaigns and quarterly workshops that remind employees all the time that security and hackers never sleep. Security awareness has to be always in their mind.”

Sivan emphasized how hackers easily trick employees. “My prevention tips for employees are they shouldn’t just click on a link or open attachments from emails you are not expecting or from unknown senders. Even if you know the sender, still check it twice. Make sure that the sender is someone you know and you were expecting to get that email. Check the URL of the sender to make sure that it’s a legitimate address and remember that companies like banks and the government won’t put a web link in their email to you. They will usually instead advise you to visit their web page and log in through the web page.”

To hear the entire interview with Sivan please listen to the full podcast here. You can follow Sivan on Twitter @securitywitch

If you enjoyed listening, don’t forget to subscribe so you never miss a new episode. Please also consider rating the podcast or leaving your feedback on iTunes or wherever you listen.

Read More
Defend Crypto Attacks
Profile of a Cybercriminal: Cryptocurrency Attacks
Reading Time: 4 minutes

 

It’s true that data has value – just look at Google and Facebook’s business models – but blockchain and cryptocurrency take this idea literally. Cryptocurrency is a literal term because for its hordes of users, cryptography fulfills many of the characteristics that are required to define a “currency”, such as verification of ownership and transferability. Data’s value, on the other hand, comes from the information it holds.

The cryptocurrency model has worked so far, and so naturally, people want to steal it as much as they do data or paper money. Metaphorically, hackers might perpetrate a smash and grab job to steal an organization’s data, but cryptocurrency can sometimes involve more subtle attacks of a different kind – even if the company doesn’t have any cryptocurrency in the first place. Learning to recognize these attacks and others is vital for achieving a proper security posture.

A Blockchain Breed of Cyber Threat

Thanks to blockchain’s unique style of decentralized networking, companies will encounter a new type of attack that isn’t the outright theft of data, a DDoS attack, or something similarly brash. It revolves around the core idea of decentralization that defines blockchain:  that computing power needed to serve users of blockchain websites or apps isn’t generated by a server on the grid. Instead, it’s shared between participants – ideally regular people who use their own computers to support the network.

But hackers exist to turn innovations into weapons. They’ve begun designing attacks that hijack remote PCs to do this, even corporate endpoints, and these attacks connect affected PCs to the blockchain, enslaving them in service of the chain. Crypto mining scams steal a small, nearly untraceable amount of CPU power – even from an employee’s mobile device – and essentially donate it to a blockchain that then rewards the hacker with cryptocurrencies that are then sent to their wallet.

Employees don’t even have to download anything – merely browsing the wrong website is enough. The popular CoinHive program, for example, can steal power from tens of thousands of PCs at once, and stays active even when users close their browser windows. Once a person lands on an infected website, it opens a tiny window hidden under the Start icon on the Windows OS desktop, so CPU power continues to be siphoned off even if the main window is closed. 

For IT teams looking to defend against drive-by crypto mining, it is possible with a two-pronged approach that uses both DNS filtering and advanced network monitoring utilities. The first line of defense is the DNS filter, which can proactively block sites that are known to be infected or those likely to be (using “bitcoin” as a blacklisting keyword for instance). Monitoring can then keep a close eye on bandwidth usage over the network, ensuring that all network bandwidth is being used for the company’s benefit. 

Crypto Scam Defenses Combine Old and New

In a reversal, attacks might be perpetrated from your network and not against it. An employee might mine on his or her company laptop, or if they were especially malicious, use company resources like the website to purposely infect visitors’ or users’ PCs to mine coins. This may have been the case with popular tech support tool LiveHelpNow, a widget which was installed on thousands of customers’ networks to provide their users with easy access to support – but also secretly provided one malicious hacker with a personal stash of Monero coins.

The Zero Trust security approach, achievable with software-defined networking tools, contains elements that would help identify strange network behavior but also institute least-privilege permissions to employees. These would filter who gets access to specific resources on the network. If LiveHelpNow had a rogue employee compromising its product, perhaps limiting access would have stopped them from sneaking in code that affected customers.

For organizations, it’s also important to remember that not all cryptocurrency attacks are this subtle theft of processing power, there are also the more noticeable and devastating network breaches like those meant to steal data. Some of the biggest ransomware attacks infiltrate the network and encrypt important files. They make themselves known by demanding a ransom in cryptocurrency to unlock access to the files, but a classic cybersecurity defense is effective against these events: firewalls, backups, and traffic encryption.

Ransomware can easily make its way into the network when a remote employee connects to resources on an unmanaged device or through an exposed Wi-Fi connection, so enforcing VPN use is bare minimum. Users shouldn’t be able to access resources without encryption, and firewalls are helpful in identifying suspicious traffic and deterring it. Finally, regular backups and patching go a long way to making ransomware attacks harmless – backups mean that data ransoming is pointless, while patching prevents the biggest OS exploits much like with the bitcoin-rich WannaCry worm, which took advantage of weaknesses in Windows 7 and 10.

A Blockchain Re-education

Only a comprehensive security model, one that’s classically equipped but updated with new training against its new foe, is capable of claiming confidence against cryptocurrency scams. From new types of attacks to familiar ones that have an alternate purpose, organizations should ideally go for a multilayered approach in order to put their concerns behind them. Educating employees, as it is with non-crypto attacks, is vital as well.

The decentralizing ideas that define cryptocurrency are all about empowering individuals, but unfortunately, the wrong individuals can feel empowered as well. It’s useful to remind employees how to resist temptation and improve their habits, and also to prepare networks for a younger generation of attacks that manipulate them in new ways.

Read More
An Exciting Announcement: Perimeter 81 Raises $40 Million in Series B Funding Led by Insight Partners
Reading Time: 3 minutes

Today truly marks a milestone for Perimeter 81.

We are so proud to share the news that we have raised a Series B round of $40 million, led by a premier VC and private equity firm, Insight Partners with the participation of Toba Capital and our existing shareholders. The financing represents a giant leap forward in our efforts to simplify and modernize the way businesses consume cyber and network security.  

It will help support our rapid growth and accelerate our hiring and development, it will further our disruption of the traditional VPN and Firewall markets and most importantly, it will allow us to create the best possible service for you, our valued customers and partners.

We’d like to take this opportunity to reflect on the past and look to the future —  sharing the vision that has driven us so far, and our hopes and aspirations as we move forward.

It All Started with a Vision for Change

Back in our early days as startup founders, when we were working part-time at large enterprises, we had to deal with outdated and complicated network technologies on a daily basis. These were the only choices available to securely access corporate resources. And while these tools were so critical to maintaining employee productivity, they were also incredibly difficult to use.

The first company we founded was a personal VPN service that allowed consumers to browse securely and privately over the public Internet. With this business, we were able to learn how to build highly scalable and global network infrastructure, as well as design a single-click cybersecurity product for the end-user.

During that time, we often reflected on our enterprise experiences. We believed that innovation in B2B network security was necessary and that we could apply what we learned from creating a service for consumers to create a much better experience for businesses. And so, Perimeter 81 was born.

Remote Work Became the New Reality

Three years ago we noticed two key trends in the modern workforce: Cloud and Mobility. Many companies started to migrate their entire assets to cloud infrastructures and the employees — they were working from different locations across the globe. With that in mind, we understood the huge potential and immediate need for a change in the cybersecurity landscape.

We assumed that in the next 5 to 10 years there would be a complete digital work transformation, but in March of this year, everything changed in the blink of an eye. COVID-19 spread across the globe and as it evolved from an epidemic to a pandemic, it forced companies worldwide to send their employees home.

Many new clients came to us in need of a scalable and reliable network security solution. Their site-centric and hardware-based legacy VPN solutions had severe licensing restrictions, or they were simply too difficult to manage — no longer accessible with the new work-from-home reality.

In tandem, our current customers turned to us needing to rapidly expand their accounts, as it was no longer specific teams but rather, their entire organizations that were now reliant upon secure remote access in order to stay productive.

This major global event clearly demonstrated to us the significance and importance of our vision to bring network security into the 21st century, and deliver a ‘one-stop-shop platform’ to house network and security solutions as a service under one roof.

Looking to the Future

As we look at our current global reality, one truth is clear: the future of network security is now. We feel fortunate to have the support of such amazing investors that recognize this truth as well, and want to help us propel a necessary market transformation.

We are thrilled that Insight Partners embraces our vision and shares our belief in the importance of transforming the way organizations are consuming cyber and network security. We’ve had a long relationship with them and have always been closely aligned on the significance of strong SaaS offerings and the value they bring to the market. 

This latest funding round will launch us forward as we build our complete SASE solution. With this platform, we aim to eliminate tool sprawl and consolidate fragmented legacy technologies — protecting businesses globally from large scale, and potentially devastating, cybersecurity breaches. 

On a company level, to support our vision, we are rapidly growing our talented team and hiring for multiple positions across our Sales, Marketing and R&D teams in our Tel Aviv, New York and California locations.

We are confident that in working together with our committed investors, dedicated employees and our valued customers and partners, we can continue to develop highly innovative network security solutions and further disrupt the industry — driving a new path forward to securely enable and fully empower our modern, ‘work from anywhere’ society.

Best,

Amit Bareket & Sagi Gidali, Perimeter 81 Co-Founders

For more information about our unique vision and SASE platform, click here.

Read More
Tool_sprawl
Tool Sprawl: Does Your Company Have Too Many Security Tools?
Reading Time: 4 minutes

Over the years, technology has designed the way we work and live today. As the world evolves and advances, technology does as well.  Just in the past century, we have seen unimaginable technological advancements that have shaped the way we work. Technology allows businesses and their employees to work quicker, be more productive and more efficient.

In the security sector, there is a new phenomenon that is affecting productivity. Today, businesses are shifting from implementing internal security solutions to adopting third party security solutions for their internal and external security.  

While adopting third-party vendor security solutions comes with many benefits such as saving costs and time, automation and more, a common challenge has arisen: security teams are using hundreds of security solutions in their security stack. Each solution provides security alerts that they need to fix manually. On many occasions, businesses will be using similar technologies for the same security challenges. This abundance of solutions offers the idea that security teams won’t know where to go when a security risk occurs in their business. 

What is Tool Sprawl?

The typical organization’s network is more complicated than ever. More resources are in the cloud than on-prem and  IT teams have enlisted a bevy of tools to regain the network visibility they need to ensure security. These tools are numerous, and while they may be able to provide visibility, orchestrating and managing them is difficult and unwieldy even for the most seasoned IT professionals. 

Tool sprawl is the idea of organizations investing in a range of products that make it harder for IT teams to manage and orchestrate the solutions. In the security industry, we see this challenge on a daily basis. While tool sprawl doesn’t happen overnight, it slowly creeps up with every addition of a new solution. 

Most businesses will adopt a new tool in order to fix a specific challenge and then before they know it, they will be using hundreds of tools that become unmanageable. Instead of fixing a problem businesses suddenly have added more challenges. According to a 451 research survey, the average IT and security team are using between 10-30 security monitoring solutions for applications, network infrastructures, and cloud environments. 

Tool sprawl isn’t just for businesses. In fact, the average employee experiences the challenge of tool sprawl in their daily work environment. According to a HubSpot survey, the typical employee is using more than 6 tools on a daily basis and the number will continue to expand. In every level of a business, the result of tool sprawl has become a burden instead of a solution to the problem. 

The increasing adoption of more solutions has created more consequences for organizations and their IT and security teams. The main repercussions that businesses will experience with tool sprawl is high cost and less effective threat response. 

Tool sprawl can get expensive as each additional solution is added. With each solution, employees are forced to be trained on how to use it and how it can relate to their day to day job. Over time this approach is extremely time consuming and not cost-effective.  

Secondly, tool sprawl lowers threat response time. By trying to manage a “Tool Sprawl” environment. Sometimes it might even put the organization at risk when it comes to identifying an attack or to incident response. Instead of responding fast to an attack, it will take the organization a long time to collect the logs and notifications and understand what kind of attack they are dealing with and what action they should take. 

Tool Sprawl Increasing Security Vulnerabilities  

Today’s cyber attacks are more sophisticated and harder to detect – which means sensitive data is more vulnerable than ever. Organizations are adapting to the new threats by moving all their networks and resources to the cloud which has resulted in an increase of misconfigured and exposed deployments of various software. 

This fact, together with ensuing hybrid IT complexity, is creating new security challenges for IT teams. Many organizations choose to implement a range of innovative security technologies in order to deal with the new-generation threats. Implementing those solutions seems essential to IT managers for improving visibility across cloud deployment but the adoption of more solutions to their security stack creates more security risks. 

The result of tool sprawl is diminishing the visibility across employees’ devices and networks which are trying to connect to cloud resources. With the lack of network visibility due to tool sprawl, security teams will experience delayed threat response time and not knowing which tool will fix that specific security risk. By not knowing which tool to use when a specific attack occurs, the organization’s resources and networks will become more vulnerable than before.  Additionally, tool sprawl can provide another challenge for IT and security teams by accidentally creating a lack of confidence in employees’ ability to monitor and enforce fixes when a security risk is presented.

While tools are numerous and they may be able to provide visibility, orchestrating and managing them is difficult and unwieldy even for IT professionals. How do we fix the issue of tool sprawl?

The Emergence of SASE Could Finally End Security Tool Sprawl

In order to gain a high Return On Investment (ROI) with third-party security solutions, organizations need to rethink their security approach. Instead of adopting many different cyber solutions and vendors, organizations should look to implement an easy to use unified platform where they can manage and consume security solutions from a range of different vendors through the cloud as a service.

This new approach will allow organizations to easily consume network security solutions that can be easily integrated with each other all in one platform. This is where the SASE model comes into play.

The Secure Access Service Edge (SASE) model is the idea of combining the key elements of network and security solutions into one unified cloud platform to be delivered as a service. The ideal features in a SASE platform are ZTNA, SDWAN, CASB, FWaaS and others. This unified platform will help organizations to simplify secure access and security to resources and networks on the cloud.  

The emergence of SASE will consolidate the essential network and security functionalities for easy consumption within a single product. When these solutions become the norm, IT teams will be able to more easily manage security, achieve network-wide visibility (even across cloud deployments), and reduce costs, readying themselves to be agile and cloud-confident for the future. Over time, organizations will start to adopt this more unified platform approach which will dissolve the challenge of tool sprawl.

Moving Forward 

As more organizations continue to adopt numerous security tools, they will need to rethink their security strategy to avoid security flaws such as tool sprawl. However, if organizations continue to ignore the fact that too many security products are causing more risks, then those organizations are opening themselves up to potential breaches and poor management which will all point to tool sprawl. Instead, businesses should look for more simplified unified platforms like the SASE model to solve the issue of tool sprawl.

Read More
Security Solutions Escort Banks Through the Cloud Shift
Reading Time: 4 minutes

Data is a commodity that has value just like any other: It can be used to pay for products and services (most free apps use your data in exchange for access), it can be bought and sold, and as we all know, it can change hands. Unfortunately, it doesn’t always fall into the right ones, and so for a bank – which is responsible for both our money and our priceless financial data – security is of the utmost importance.

As they say, “If it ain’t broke, don’t fix it.” So most banks having already found the right security approach for their legacy, closed off, and internal IT systems means that they are hesitant to embrace new technology – this might tip the scales in the favor of hackers. It might also make them more profitable, but upgrading infrastructure comes with new security complications that are a roadblock – because a data breach trumps any business advantage. Right now, cloud technology is in the epicenter of this dilemma.

Is the Cloud a Compromise?

If there are two sides of the fence, on one side is the cloud’s immense potential for bank customer service and competitiveness, and on the other, the need for significant investment and security due diligence that comes with any change to the status quo. The cloud can help banks diminish their core costs and overheads by eliminating hardware and the need to maintain it. It can also help to roll out new financial products and services to customers more quickly, and scale them inexpensively as demand waxes and wanes.

Despite these benefits the transition to the cloud is daunting, and outside of retail or commercial banks, it is happening at a snail’s pace. Of total spending on the cloud, banking accounts for only 10.6% in 2020, according to IDC. Reasons for hesitation include difficulties configuring cloud solutions to both work together and with legacy tools, which may create unanticipated (and intolerable) gaps in defense. Furthermore, banks may feel as if they lose control by offloading internal processes to third-party cloud providers, putting them at these providers’ mercy. Compliance is an obvious issue to be concerned about as well, and the extra degree of separation between banks and their cloud-based resources doesn’t inspire confidence at first.

This hesitation is more unfounded as time passes, however, because the cloud is changing quickly and so is the security surrounding it. For their part, banking perspectives on the issue are changing in tandem.

Lift, Shift, and Uplift

Banks can now be relatively confident that security will be tight as they embrace the cloud, since data isn’t the only thing that’s been commoditized; so has security. Cloud providers invest heavily in their defenses and for many industries, they offer greater safety out-of-the-box than customers can achieve with their own investment in IT. Banks appreciate these assurances, but still have enough at stake to need more. 

In their efforts to avoid a long and complicated process, reduce risk, and front load cloud benefits, executives sometimes see cloud adoption as an “all or nothing” idea. However, the “lift and shift” approach is getting more traction, as it moves parts of their infrastructure to the cloud in piecemeal fashion, based on the importance of the workload and other factors. Many banks are adopting this hybrid cloud model and taking their first baby steps into the 21st century, but if the piecemeal approach is going to be taken, their networks will get complicated quickly and will be in constant transformation. 

This requires a security solution that is more comprehensive than what providers offer, and one that can flex as the network perimeter shifts.

Elastic Security for an Extended Transformation

A bank requires a simple security solution that makes data protection easy, no matter how mix-and-match their infrastructure looks during the various stages of its cloud migration. While hybrid cloud models help banks meet the expectations of demanding and digitally adept customers, they also allow banks to keep sensitive processes internal, and to encourage data protection in diverse environments. Hybrid cloud security is also easier for banks to obtain these days, with SaaS security solutions that more easily integrate into both local and cloud environments.

Network as a Service products help IT professionals apply a plethora of security tools such as DNS filtering, Wi-Fi security, VPN encryption, and multi-factor authentication across the various resources that make up a bank’s network – no matter if it’s local server storage or a popular software consumed “as a Service”. The seamless level of integration covers more bases as the network slowly migrates to the cloud, but NaaS is also especially suited to the hybrid approach because it allows IT to segment the network and restrict access within it, not just into it.

Accordingly, just-migrated bank resources can enjoy multilayered security and yet also be inaccessible to only the roles (and devices) held by IT higher-ups, until they are confident that compliance is achieved. Security can be easily tuned to the changes made to a bank’s network throughout its cloud transformation, with scalable and secure access policies and a quilt of tools that will have any hacker think twice about attempting to get at its data. With time otherwise spent on maintenance, IT is freed up to pursue profit-seeking initiatives.

Security Ups Its Game for a Tough Customer

It takes a lot for banks to be confident in their security, but cloud advancements have extended to security ideas, and make upgrading infrastructure a win-win proposition. With confidence in the cloud’s compliance and safety, banks are able to morph in pursuit of better service, without concern for how customers or their data are affected. Now that this piece of the puzzle is finally in place, banks can go full speed ahead into the cloud, and soon, customers will feel the change in both better financial services and the gradual yet pronounced lack of big hacks hitting the headlines. It’s hard to estimate which will be more welcome.

Read More
Podcast-Ep.3-
Hacking with a Purpose: Life as a White Hat Hacker
Reading Time: 6 minutes

Listen to this podcast on iTunes, Spotify or wherever you find your favorite audio content.

In this edition of the Beyond the Perimeter Podcast, we discussed the Twitter hack which saw many famous celebrity accounts being hijacked which resulted in spreading a cryptocurrency scam. We also interviewed Len Noe who is a white hat hacker and cyber security specialist.

Breach of The Month: Twitter Hack

On July 15th we saw one of the most high profile breaches of the year. At least one hacker known for hijacking high-profile Twitter usernames gained access to an internal “admin” tool on Twitter’s network, hijacked a ton of celebrity accounts — Joe Biden, Bill Gates, and Elon Musk to name a few — to spread a cryptocurrency scam. The hacker made over $120,000 in just a few hours. But how the hacker got in and whether an employee helped remains a mystery. It is likely the hacker found their way into Twitter’s Slack account where they found a set of credentials. 

Twitter announced that the hack was done through social engineering. In this type of attack, hackers tend to trick their victims into providing their login credentials for access. Some 130 accounts were affected by the breaches. Twitter later said eight users had their data downloaded — including their DMs. But the company refused to say if the hacker read anyone else’s DMs — even though they’re believed to have had access. The breach could’ve been so much worse, even having serious implications for national security, given that this is an administration that frequently uses Twitter to dictate policy. On July 31st, authorities arrested the  17-year-old hacker who was behind the hack.

In this episode,  I talked to white hat hacker Len Noe to get a better understanding of why hackers might transition into becoming a white hat hacker and why organizations should look into implementing white hacker programs, 

Attracted to the Art of Hacking Early On  

Most hackers will tell you that their interest in hacking started at a young age. In Noe’s case, it started when he learned he could make small code edits which would change the outcome of a program. “I got into hacking early on. It all started for me back in the Commodore 64 days and the truth is there was a magazine that you could get that would actually give you some very simple, rudimentary programs that you could write for your Commodore 64 and the one that got me was Frogger, the old video game.

“During the time where I was trying to code the game, I messed up some of the code while I was programming and for some reason my frog would not die. It just opened up a whole new world to me if you do something in the background, it can affect what’s going to happen. So that was kind of what really sparked it for me was the idea that I was in control and even though the way that the game was supposed to be played, I could play the game the way I wanted to play it.”

Unlike today where hackers can easily find online different how-to guides and learn from other hackers, back in the ‘80s, Noe had to learn the trade through trial and error. “It was mostly trial and error. I mean you got to remember, this was back in like the pre-Pentium days. We’re talking 386 DX2, 486 with the math coprocessors so you could have the floating decimal point. There were a lot of bulletin board systems and many techniques came from a good understanding that I don’t think a lot of people get these days.

When I was going through this originally, this was when the personal computers were first coming out. You learned how to use a terminal and it was before any real GUI, before OS was available. I just knew how things worked and it was a lot of trial and error and logging in to other like-minded individuals like myself who are into this kind of thing and it was kind of the pre-birth of the hacker collectives. I mean we weren’t hackers at the time because there really wasn’t a term. At the time, we were just geeks.”

Evolving From a Black Hat Hacker to a White Hat Hacker

Life as a black hat hacker early on wasn’t as dangerous as it is known today according to Noe. “Being a black hat was simpler, at the time, there was no real hacker. There wasn’t any kind of GDPR or any type of disclosure laws in the US. You know, if you got caught hacking, they would slap your hand. Maybe you weren’t allowed to use a computer until you were 18. But it wasn’t until after the 9/11 incident in the United States where any type of hacking really started to become a major issue and started to command heavy jail times and fines.I was always very interested in hacking and I always have had that innate sense of wanting to know not just the fact that it worked but how it works. My father was a mechanic and always told me if you understand the basics, then any of the complicated things become very simple if you break it down to its rudimentary form.”

When asked why he transitioned from a black hat hacker to a white hacker it was simple for Noe. “I don’t like the idea of state-funded vacations. The idea of being locked away just really didn’t appeal to me. I mean I’ve never been one of those – even when I was a black hat, I was never one of those kinds of guys that would go after people and try to steal their personal information or try to ransomware somebody or blackmail somebody. For me, it has always been more about just the puzzle and I like those people who always say, ‘I’m secure.’ Really? Let’s test that theory and I’m a firm believer. If you think you can get into my stuff, come on. If you can get past the securities and the preventative measures that I’ve put in place, then you deserve it.

“For me, it was always am I smarter than the guy that set up the security? I know there are people better than me and there’s an old expression, Those who exalt themselves will be humbled but those who humble themselves will be exalted. Be humble with your security. Know what you’re doing and don’t brag. I’ve seen it so many times in my life where they’re those people who are basically taunted to attack and they always wind up sorry for it in the end.” 

Implementing White Hat Hacker Programs 

Over the past decade, we are seeing more organizations stepping up their internal security team. Noel believes implementing white hat hackers in the internal security teams comes with its advantages. “I think having a red team and white hats on staff is a great idea. It keeps you fluent. It keeps people updated on the types of attack factors that are new and it’s going to keep fresh eyes and people that are actually in this community. 

“But at the same time, I also think that even if you do implement a red team or a white hat on your payroll, I think once a year, it’s still a good idea to get an external pen test done or invoke the services of a third party just to keep everybody honest. Always look at security from the sense that it is going to always be as strong – only as strong as your weakest link. Get those fresh eyes and unbiased opinions every now and then. Keep your red teams and your white hats on staff just because these are people that are going to be tuned into what’s going on and what’s current.”

Endless Amount of  Resources Available 

When asked what his advice is for young security enthusiasts looking to become a white hat hacker, Noe emphasized on the importance of taking advantage of the numerous resources online. “ Play, get out there. YouTube is an amazing resource. But study up on YouTube. The one thing I will say about the cybersecurity community is for the most part, we are pretty open with our information. Go to our GitHubs. Go to our YouTube channels. You will find gists of information. You will find example videos of different attack scenarios and different attack applications. 

“I have a GitHub repo on my GitHub that is just links for new cybersecurity people. You know, sites like Packet Storm, Vulnhub. One of my biggest recommendations for newbies and a lot of people think I’m stupid for making this recommendation. Vulnhub, if you’re not familiar with it, is a site where you can just go download premade capture-the-flag VMs for VMWare or VirtualBox and a lot of the times, you can actually go to Google or DuckDuckGo and you can search for a walkthrough of that capture-the-flag. For newbies, it’s a great way to actually see and walk through the entire process and at the end of it, you actually are able to complete the capture-the-flag.”

To hear the entire interview with Len please listen to the full podcast here. You can follow Len on Twitter, Github, Youtube and SlideShare. 

If you enjoyed listening, don’t forget to subscribe so you never miss a new episode. Please also consider rating the podcast or leaving your feedback on iTunes or wherever you listen.

Read More
Sauce Labs Webinar - Blog BG - 768X432
6 Tips to Securely Manage a Global Remote Workforce
Reading Time: 3 minutes

Written By: Justin Dolly, CSO, Sauce Labs

With the global COVID-19 pandemic still raging in many countries around the world, many workplaces are still remote and will stay that way for the foreseeable future. Given this, how do we support high levels of security in a remote workforce, all while maintaining required levels of productivity? It’s a challenge for IT teams, to be sure—but not an insurmountable one. In this article, Sauce Labs CSO Justin Dolly offers six tips for teams wrestling with this conundrum.

1. Be Flexible

Security has to be present wherever remote workers are, and it must enable employee productivity, not prohibit it. If we aren’t flexible enough with how we’re asking employees to get things done, they may take matters into their own hands and go elsewhere, thereby opening up your organization to vulnerabilities.  It’s important to communicate to your users the security technologies and processes that you’ve put in place and to ensure they are robust and flexible enough to support a workforce that’s remote.

2. Encrypt All Drives

Laptops and mobile devices can present a huge risk. Encrypting drives can protect organizations from accidental data loss. If an employee accidentally leaves a device at a coffee shop, for example, the organization can feel secure that the sensitive data and the business at large will not be compromised thanks to the encryption capability in place.

3. Enforce Multi-Factor Authentication (MFA)

Enforce multiple layers of authentication for access to any system of information that is deemed sensitive. Modern, adaptive methods should be employed since two-factor authentication has been compromised in certain scenarios.

4. Don’t Forget the Endpoints

Your security program needs to provide a 360-degree view of what employees are using to access company assets. BYOD is an ongoing concern especially in a remote environment, so you must put security measures in place to know which endpoints have access to what resources. Also, Intelligent software installed at the endpoint will protect devices from modern malware and provide the necessary visibility at the endpoint.

5. Implement Both Defensive and Offensive Strategies

Defensive measures include tools that make it difficult for your environment to be attacked. Offense means you need to constantly be testing yourselves to make sure the defensive elements you put in place are working as they should. This may be more difficult in a remote environment, but it’s no less important.

6. Don’t Just Communicate—Overcommunicate

Communication is always important, but especially during a time of remote work. When everyone is dispersed to their homes, it’s critical to be in close touch when you can’t get into a room with everyone to hash out plans. This goes double for dealing with a security incident and roles and responsibilities must be clearly defined and communicated, along with the critical network and data recovery processes that are needed for the team’s incident response. Even outside technical teams, communication about security issues is paramount: You need to respond to all stakeholders, whether inside or outside the company, in a timely and appropriate way.

Conclusion

The remote workforce has shined a light on the importance of security. At Sauce Labs, we talk a lot about digital confidence, meaning that we enable organizations to feel confident that their web and mobile apps are performing exactly as intended. As security professionals, we owe that same confidence to the customers using our Continuous Testing Cloud. Even and especially during a pandemic, we have the opportunity to address security and make sure remote work and other concerns don’t impact your business in a negative way. Following these guidelines will get you started on the way to successfully managing security for your organization—even while remote.

Perimeter 81 and Sauce Labs recently hosted a joint webinar about how organizations’ networks and connections must be secured in order to add another layer of protection against hackers trying to breach the testing environment. Watch the replay here.

About the Author

Justin Dolly is Chief Security Officer at Sauce Labs, where he oversees the development and implementation of the company’s long-term security strategy, ensuring its customers have the highest level of protection to support their digital goals. He is a Certified Chief Information Security Officer (CCISO) with more than 20 years of experience in building and implementing a culture of security within global organizations.

Read More
5G
Why Secure Network Access is the Key to 5G
Reading Time: 4 minutes

While technology continues to evolve, wireless networks are vital due to trends like IoT, smartphones, tablets and laptops. Now, just as 4G is becoming irrelevant for users and businesses, 5G is introduced. 

Since its emergence, 5G has taken the world by storm. The global phenomenon of quicker networks has everyone buzzing, especially tech companies. 5G offers companies faster and more reliable internet, with lower latency issues for their employees — no matter where they are or what device they use. 

As 5G is rolling out in the United States and companies are already reaping its benefits, enterprise networking is still in the early stages of the 5G revolution. The transformation of mobile networks comes with risks that cannot be ignored. Instead of solely focusing on the numerous benefits 5G offers, such as a redesign of mobile networks which enables efficiency, cost-effectiveness and greater agility, we need to also be aware of the new security challenges that come with developing and implementing this new infrastructure.

5G Security: An Ongoing Issue

With new network technologies such as 5G, security needs to be more involved during the early stages of development. This wireless network evolution will see many different shifts occur as 5G moves from early-stage to the norm for mobile networks. 

Mobile networks with security risks is not a new concept, yet the number of attacks from different endpoints is increasing as networks are transforming. Companies that are early adopters of 5G networks could possibly experience security threats due to their implementation of an early-stage version of 5G. 

Among the security challenges that 5G presents are visibility issues, increased exposure to attacks due to new entry points for bad actors, and increased risks from major dependencies on suppliers.

Network experts might recommend organizations not to implement technology that was designed for 5G networks as it comes with different security challenges. While this is taking a more cautious route, organizations need to rethink their entire security strategy when it comes to 5G networks. IT and security teams need to implement the right amount of security policies in place to secure their network for 5G. Without doubt risks and issues will happen with new technology but having a security strategy implemented will veer away from simpler security challenges that can occur with 5G. 

5G Security Challenges Aren’t a Quick Fix

When organizations are designing their network security strategy, IT and security teams are continuously taking the same approach, how quickly can we patch vulnerabilities while updating the network at the same time? Instead, organizations need to look at the entire security strategy, not just a quick fix.  One security risk often overlooked is testing new networks during the implementation period. IT teams will regularly run a group of network tests that check for common vulnerabilities and risks in the network. Once the tests are completed, the networks can be implemented.

Adopting the ‘set it and forget it’ approach when it comes to testing creates another challenge of its own. Without continuously testing your network for vulnerabilities and security risks you are putting your network at risk. 

IT experts might suggest that when first implementing new networks, your infrastructure needs to properly communicate and pass data from network to network. Additionally, you need to properly integrate the network security from your 4G networks to your new 5G networks. If this is not done correctly, your organization could experience major network security risks that could harm the security of your infrastructure and networks.  

Some organizations will try to fix 5G security challenges with the latest security solutions, even if they are not designed for 5G infrastructures and networks. These solutions could be a quick band-aid for your 5G networks but once your networks are implemented, the security challenges will become more obvious. With the wrong solution in place, it can create more endpoints and entry points for hackers to infiltrate. Instead of adopting different solutions for your network, organizations should implement a 5G friendly secure network access solutions to dissolve the potential security challenges. 

5G allows Smoother Secure Network Access 

As more and more organizations start to adopt 5G networks, they will experience the different benefits they offer such as quicker communication and low-cost deployment. These network benefits will enable their employees to connect and send more data to their network. However by more devices quickly connecting and transferring large amounts of data it can put a massive strain on IT and security teams when ensuring that their organization is connecting securely to the networks. 

To ensure that the entire organization is connecting securely to the new networks, IT and security teams should look to adopt models that are designed to make sure that the proper employees gain access to the network. One such model is Zero Trust Network Access (ZTNA). 

The Zero Trust Network Access model has gained popularity with organizations of all sizes since the rise of cloud adoption. While Zero Trust Network Access is not a new approach, it has become one of the more popular models to implement when fighting security risks that 5G present. By addressing your security concerns head-on with a Zero Trust model, your IT team will be able to fully monitor the network and user access activity. 

Adopting Zero Trust Network Access allows IT teams to specifically assign restricted access to users and their devices to their network, lowering the chances for hackers to infiltrate your network. Additionally, the Zero Trust model for network access will allow organizations to easily authenticate and establish the authorized access per user and devices throughout the network.

Moving Forward 

With the advancement of 5G, organizations will experience different security challenges in their network which will result in the importance of prioritizing full visibility and monitoring of its networks. With the proper authentication and identification policies in place and adopting a Zero Trust Network Access (ZTNA) solution, your network security will be more equipped for any 5G network challenge that is presented. 

Read More
FWaaS Prevents the Cloud from Going Up in Flames
Reading Time: 4 minutes

Firewalls are aptly named, because they stop the spread of flames beyond the wall, and help to preserve the building itself from falling down or burning to a crisp. The metaphor works just as well with malware defense as it does fire safety, but now that we’ve moved to the cloud en masse, “fire” can spread further and faster than ever. No longer are we protecting on-site resources. Our hardware and resources are thousands of miles away, and sometimes we don’t know if ignition has been sparked before it’s too late – for ourselves and the millions of others sharing the same cloud.

Firewall as a Service (FWaaS) has emerged to bring the concept of a firewall to the cloud, and among the other security tools that companies have relied on, it has been a helpful tool in escorting companies through a safe cloud transition free of malware and unauthorized access. But they haven’t always been as necessary as they are now. For compounding reasons, FWaaS is more than ever a mandatory component of the security toolkit in place for businesses of any size. 

Security’s Slow Cloud Transition

Resources moving to the cloud is a natural pursuit of more efficiency, which is a business staple. For organizations, it’s easier to consume storage and bandwidth as a service than it is to run the hardware supplying these things. For their part, cloud providers have also benefited immensely by switching from selling hardware to renting it over the internet. These are basic concepts to nearly everyone who has used computers in the last 20 years, but cloud computing is actually much older than we tend to realize, and this context is important to understanding the rise of FWaaS.

Though we like to think in terms of when we started uploading photos to iCloud or using Google Drive, cloud computing actually began way back in the 1950s with the first mainframe computer, and evolved from there. However, only recently have firewalls evolved alongside virtual machines and increased bandwidth availability through the internet, taking the very concept of a physical appliance, and transplanting it into cloud infrastructure.

Because security reacts to the trends happening elsewhere, and molds itself to be the antithesis to the latest attacks, it is always late to the party, and especially to the cloud as entertainment and commercial ideas took priority. This meant that firewalls weren’t on the cloud until many other things were first, so most companies still applied clunky physical appliances to their growing cloud networks. Another reason that FWaaS hadn’t appeared at the forefront of the cloud movement was because it’s purpose is to protect infrastructure, and IaaS (Infrastructure as a Service) didn’t become popular until long after SaaS.

The blooming of SaaS before IaaS was largely due to the ease with which a SaaS product can be hosted – even on a single machine under your desk – so it made sense why a physical firewall would suffice as SaaS matured. No longer. Now, the increasing embrace of IaaS and the wholesale movement of entire departments onto the cloud has meant that firewalls simply must be a part of this environment.

FWaaS is Now a Must

As companies move to the cloud, their IT teams have discovered that relying on old firewalls is more than inefficient for configuration and integration. It also reduces visibility over the network and resources within the network that are now a few degrees of separation from the office premises itself. The old perimeter guard approach, where firewalls are the sentinels standing inside the moat of the “network castle”, doesn’t work when resources are no longer inside the walls and are not thoroughly protected by cloud providers.

Moreover, a quickly-multiplying number of mobile devices are now connecting to these cloud resources, so IT teams struggle to define their network perimeter, let alone protect it. FWaaS solves this problem by integrating easily with third party cloud infrastructure, giving IT a looking glass into how users are accessing SaaS products such as Salesforce, AWS, and Google Suite, and the centralized, cloud-based access management panel for them to control traffic through these resources and fight malware.

Cloud Accelerating Changes FwaaS Too

As workers move from offices to their homes, FWaaS has become a central tool that IT teams can use to provide safer remote access. This idea hasn’t changed, but the way it’s being delivered to businesses is, as single-purpose security tools “as a Service” are going through the same cloud consolidation process that productivity and entertainment products did not long ago. Firewalls and other things like VPN tunneling and Single Sign-On are better for security in today’s mobile environment, but when orchestrated independently of one another are still risking network security.

This is why a new idea in the industry, SASE (Secure Access Service Edge) has zeroed in on FWaaS as one of its cornerstones. Security providers are racing to provide SASE platforms since Gartner introduced the idea late last year, but they must first collect and provide the tools that deliver SASE’s promise: unified network security on the cloud edge. FWaaS, CASB, SWG, MFA, VPN, and other security services are part of this single unified platform. FWaaS is one of the most important pieces of the SASE puzzle and one of its core functions, because it has a unique job that other components can’t do.

Thanks to growing SASE platforms like Perimeter 81 and the FWaaS functionality provided as part of this consolidated, cloud-native offering, organizations are able to aggregate their traffic effectively from all resources and enjoy total visibility across them, with no hardware involved. Though it’s true that the acronym FWaaS is now standing in SASE’s immense four-letter shadow, it cannot be discounted.

Because even alone, FWaaS has merit when paired with some other basic security tools like VPNs. Companies with simpler networks, a few SaaS resources, and smaller teams can rely on a basic setup like this to mime the cloud security chops of SASE until growth demands an even more scalable solution. FWaaS is central to a safe future on the cloud any way you slice it, and will 

Read More
CRN® Recognizes Perimeter 81 on the 2020 Emerging Vendors List
Reading Time: 3 minutes

Tel Aviv Israel – July 20th, 2020 – Perimeter 81, a leading Secure Access Service Edge (SASE) provider,  announced today that CRN®, a brand of The Channel Company, has named Perimeter 81 to its 2020 Emerging Vendors list in the security category. This annual list honors new, rising technology suppliers that exhibit great promise in shaping the future success of the channel with their dedication to innovation. The list recognizes channel-focused organizations across eight categories: Cloud, Data Center, Security, Big Data, Internet of Things (IoT), Storage and Networking/Unified Communications. 

This list recognizes recently founded, up-and-coming technology suppliers that are shaping the future of the IT channel through unique technological innovations. In addition to commemorating these standout companies, the Emerging Vendors list serves as a valuable resource for solution providers looking to expand their portfolios with cutting-edge technology. 

Partners of Perimeter 81 recognize the advantages of deploying cloud-based network security instead of traditional security solutions. Not only does this facilitate greater security and performance for their clients but also allows predictable recurring revenues and the simplicity of managing network security 100% remotely from an intuitively designed multi-tenant partner dashboard.

“It’s an honor to be named among the select few companies chosen as part of CRN’s Emerging Vendors in Security for 2020,” said Amit Bareket, CEO and Co-Founder of Perimeter 81. “This recognition not only serves as a validation of our success but it also demonstrates our channel-centric approach in delivering enterprise-level network security solutions to our partners.”

CRN’s Emerging Vendors recognizes pioneering technology suppliers in the IT channel that are driving innovation and growth. This list serves as a valuable resource for solution providers in search of the latest technologies.  

The Emerging Vendors list is selected by CRN’s esteemed editorial team. These vendors are inspiring the IT channel with groundbreaking technologies and best-in-class offerings that are elevating businesses – driving success with solutions built to battle the challenges of the IT channel. 

“CRN’s 2020 Emerging Vendors list recognizes vendors that are revolutionizing the IT channel with innovative solutions that meet the complex demands of our industry,” said Blaine Raddon, CEO of The Channel Company. “It honors inspirational new vendors that are driving channel growth with state-of-the-art technologies that will continue to shape the channel into the future.” 

The 2020 Emerging Vendors list will be featured in the August 2020 issue of CRN Magazine and online at www.CRN.com/EmergingVendors

About Perimeter 81

Perimeter 81 is a Zero Trust Secure Network as a Service that is simplifying network security for the modern and distributed workforce. Based in Tel Aviv, the heart of the startup nation and a global hub for innovative technology development, Perimeter 81 was founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali. Perimeter 81’s clients range from small businesses to Fortune 500 corporations across a variety of sectors, and its partners are among the world’s foremost integrators, managed service providers and channel resellers. Earlier last year, Gartner selected Perimeter 81 as a Cool Vendor in Network and Cyber-Physical Systems Security.

About The Channel Company 

The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers, and end-users. Backed by more than 30 years of unequaled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace. www.thechannelco.com 

Follow The Channel Company: Twitter, LinkedIn and Facebook 

©2020 The Channel Company, LLC. CRN is a registered trademark of The Channel Company, LLC. All rights reserved. 

The Channel Company Contact: 

Jennifer Hogan The Channel Company [email protected] 

Read More