Zero Trust Network Security - Perimeter 81
5 Non-Disruptive Tips to Get Started with Zero Trust Network Security

Zero Trust is an alternative IT security model that remedies the shortcomings of legacy technology by removing the assumption of trust. Under the guiding principle, “Never trust, always verify”, Zero Trust restricts access to the entire network by isolating applications and segmenting network access based on user permissions, authentication and verification.

Conventional security models that “trust, but verify” fail to meet increasingly sophisticated cyber threats, hyper interconnectivity, globalization and user mobility. By assuming everything “on the inside” can be trusted, these legacy technologies are, for the most part, no longer effective.

Zero Trust network security ensures policy enforcement and protection for all users, devices, applications and data, regardless of where they’re connecting from. This user-centric approach makes the verification of authorized entities mandatory, not optional.

The Benefits of Adopting Zero Trust Principles

Zero Trust provides adequate visibility, control and threat inspection capabilities that are necessary to protect your network from modern malware, targeted attacks and the unauthorized exfiltration of sensitive data.

By migrating to a Zero Trust architecture, organizations can experience several technical and business advantages, including:

  • Mitigating Data Loss
    Dramatically enhance your security posture and mitigate data loss via visibility, safe enablement of applications and threat prevention.
  • Effortless Compliance
    Simplify compliance with highly effective trust boundaries by segmenting sensitive resources into many small perimeters that are secured and segmented based on user policies and permissions.
  • Enabling Mobility and Virtualization
    Increase the ability to accommodate transformative IT initiatives such as cloud computing, infrastructure virtualization, user mobility, social networking and more.
  • Reducing TCO
    Reduce total cost of ownership (TCO) for IT security by replacing disconnected point products with a single, consolidated security platform.
  • Increasing Security
    By adequately accounting for encrypted traffic and filtering for known threats with a solid business VPN solution, organizations can prevent sophisticated cyber threats from penetrating perimeter defenses and moving laterally across the internal network.

The Zero Trust Model – How it Works

Internal networks are comprised of different levels of trust which should be segmented according to sensitivity. Organizations looking to establish secure “trust boundaries” according to the Zero Trust model need to improve their defensive posture through:

  • Network Segmentation
    Network segmentation allows organizations to define internal trust boundaries to granularly control traffic flow, enable secure network access and implement network monitoring. This reduces the attack surface and provides a distributed security solution which operates as a holistic threat protection framework.  
  • Trust Zones
    Trust zones are comprised of distinct pockets of infrastructure where resources operate at the same trust level and similar functionality such as protocols and types of transactions. This minimizes the number of allowed pathways and limits the potential for malicious threats to access sensitive resources.
  • Infrastructure Management
    Zero Trust segmentation relies on the ability to efficiently monitor the network via centralized management capabilities. This allows data to be processed by out-of-band analysis tools and technologies that may further enhance network visibility, detect unknown threats, or support compliance reporting.

5 Tips to Get Started with Zero Trust Network Security

It is important for IT security managers and architects to realize that it’s not necessary to wait for the next network and security infrastructure. By obtaining unparalleled visibility into enterprise computing activity, organizations can incrementally and non-disruptively make the transition to a Zero Trust model.

Here are 5 tips to get started with a Zero Trust approach to network security:

Tip #1: Secure Network Access

To get started, it’s critical to ensure that all resources are accessed securely, regardless of location. Network security, implemented via a client application for endpoints, allows for secure IPsec and SSL VPN connectivity for all employees, partners, customers and guests no matter where they’re connecting from (e.g., remotely, on the local network, or over the Internet).

Additional policies determine which users and devices can access sensitive applications and data. This requires multiple trust boundaries, increased use of secure communications to and from resources and more.  

Tip #2: Inspect and Log ALL Traffic

To accurately monitor what’s happening in the network, organizations must identify and classify all traffic, regardless of ports and protocols, encryption or hopping. This reiterates the need to “always verify” while also making it clear that adequate protection requires more than just strict enforcement of access control. It also eliminates methods that malware may use to hide from detection.  

Tip #3: Least Privilege Access Control

Many legacy solutions are limited to port and protocol-level classification, resulting in too much unfiltered traffic. With granular access control, users can safely access appropriate applications and data by reducing available pathways and eliminating unauthorized and malicious traffic from the network.

With a least-privileged strategy and strictly enforced access control, organizations can define user interactions with resources based on relevant attributes, including application access, user and group identity and the sensitivity of the data being accessed.

Tip #4: Advanced Threat Protection

Legacy security that relies on stateful inspection technology is incapable of enforcing a least-privileged policy because its classification engines only understand IP addresses, ports and protocols – meaning it can’t distinguish between specific applications.

To implement Zero Trust, comprehensive protection against both known and unknown threats, including threats on mobile devices, is necessary to support a closed-loop, highly integrated defense posture that consistently and cost-effectively enables trust boundaries.

Tip #5: High-Performance Design

Since Zero Trust relies on numerous security and networking capabilities, these features must be implemented in a way that doesn’t hinder performance. The Perimeter Zero software architecture minimizes latency and surpasses processing requirements, providing high availability, avoiding loss of service and increasing the uptime of your network.

With unmatched visibility and control of applications, users, and content, organizations can migrate to Zero Trust network security with a highly flexible solution made possible by non-disruptive deployment.

Convert to Zero Trust on the Fly

Because every successful Zero Trust initiative depends on the right solution, organizations can feel confident that they can implement Zero Trust network security without needing to modify the existing network.

Perimeter 81’s software-defined perimeter Zero Trust access feature, called Perimeter Zero, provides a completely transparent experience for all users by enabling access to web applications, SSH, RDP, VNC or Telnet, through resilient IPSec tunnels – without an agent. All your organization’s employees can easily go to their application portal, select the application they have permission to enter and create a session that is fully audited, recorded and monitored.

With secure, segmented and audited access to cloud environments, applications and local services, Zero Trust increases security, auditing, monitoring and visibility while reducing help-desk support and hardware spending.

We hope you found this post helpful! Feel free to let us know if you have any questions and follow us on social media if you’d like to continue receiving all the latest business security news. 

Perimeter 81 Named a Top Finalist in This Year’s Comet Competition

TEL AVIV, Israel – Perimeter 81 was announced as one of 12 finalists for this year’s Comet Competition which evaluated 300 ISV applicants, held by Ingram Micro Inc, in partnership with MassChallenge.

Established in 2018, the Comet Competition is the only startup challenge dedicated to discovering talented B2B independent software vendors (ISVs) and accelerating their trajectory to channel market success.

Perimeter 81 – Top 12 Finalist

This award aids in our mission to increase network visibility by providing policy enforcement and protection for all users, devices, applications, data and traffic. By offering innovative, easy-to-use Software-Defined Perimeter solutions, backed by Zero Trust security, we’re working to protect our customers and their clients from looming cyber threats that aren’t addressed by outdated perimeter-centric strategies.

The Comet Competition complements our progress through go-to-market funding, access to corporate partners and other tools which will help accelerate our success. Once onboarded to the Ingram Micro Cloud Marketplace, ISVs are able to quickly scale, promote, sell and deploy their solutions to channel partners and the customers they serve in more than 50 global markets.

“With Perimeter 81, it is our aim to disrupt the 30-year-old legacy VPN and firewall technology, and help businesses more easily and seamlessly secure network, cloud and application access for the modern and mobile workforce,” said Sagi Gidali, CPO and Co-Founder of Perimeter 81. “We are very proud to be recognized by Ingram Micro and Mass Challenge for our innovative and user-centric Software-Defined Perimeter technology.”

The 2019 Ingram Micro Cloud Summit

We’re excited to join MassChallenge and Ingram Micro at the upcoming 2019 Ingram Micro Cloud Summit, taking place in San Diego, Calif., March 11-13, as they announce the regional winners and showcase all finalists of the Comet Competition.

More information including registration is available here: https://www.ingrammicrocloudsummit.com/

About Ingram Micro Cloud

At Ingram Micro Cloud™, we view cloud not just as a single technology, but as a foundational platform to run and drive a whole new way of doing business. By leveraging our platforms and ecosystem, cloud service providers, telecom companies, resellers and enterprises can quickly transform and get up and running in the cloud within minutes, with little to no investment. Our portfolio includes vetted security, communication and collaboration, business applications, cloud management services and infrastructure solutions designed to help clients monetize and manage the entire lifecycle of cloud and digital services, infrastructure and IoT subscriptions. For more information, please visit: www.IngramMicroCloud.com.

About MassChallenge

MassChallenge is a global network of zero-equity startup accelerators. Headquartered in the United States with locations in Boston, Israel, Mexico, Rhode Island, Switzerland, Texas, and the UK, MassChallenge is committed to strengthening the global innovation ecosystem by supporting high-potential startups across all industries, from anywhere in the world. To date, more than 1,900 MassChallenge alumni have raised more than $4 billion in funding, generated over $2.5 billion in revenue, and created over 120,000 total jobs. Learn more about MassChallenge at www.masschallenge.org.

About Perimeter 81

Perimeter 81 is a Secure Network as a Service that has taken the outdated, complex and hardware-based traditional VPN and firewall technology, and transformed it into a user-friendly and easy-to-use software solution — simplifying secure network access for the modern and distributed workforce. Founded by two IDF elite intelligence unit alumni, Perimeter 81 serves Fortune 500 businesses and industry leaders across a wide range of sectors, and has established partnerships with the world’s foremost integrators, managed service providers and channel resellers.

Contact us if you’d like to learn more about software-defined-security technology and our innovative and disruptive SMB targeted product offering!

We’re Going to RSA 2019. Want to Join Us?

We’re attending RSA Conference 2019 in San Francisco, and we want you to join us! Find us at Booth 635 and learn how to modernize and simplify your network infrastructure with our Secure Network as a Service.

At the conference, you can say hello to our team of experts, pick up some limited edition t-shirts and fun retro prizes and receive 1:1 demos of our award-winning technology.

We’ll be discussing the shortcomings of traditional, complicated and costly legacy VPN and firewall appliances and how these limitations can be overcome by removing the assumption of trust.

This Year’s RSA Conference Theme Is “Better”

This year’s theme is Better: “Which means working hard to find better solutions. Making better connections with peers from around the world. And keeping the digital world safe so everyone can get on with making the real world a better place.”

At Perimeter 81, we’d like to create a brighter future through our proactive commitment to security by offering innovative, easy-to-use solutions that address the shortcomings of perimeter centric strategies. We’re constantly working to protect our customers and their clients from cyber threats that continue to grow and devastate organizations around the globe.

By offering a Software-Defined Perimeter, backed by Zero Trust security, we hope to aid companies in the fight against data loss by increasing visibility into the network and providing policy enforcement and protection for all users, devices, applications, data and traffic.

Familiar with Our New and Exciting Product Features?

Since launching Perimeter 81 last year, we have quickly gained traction in the mid-market. We’re seeing businesses across a wide variety of industries that are in need of simpler, more reliable network security. Our goal, since day one, has been to deliver a single-click service that will eliminate much of the hassle and headache you experienced in the past, and give you greater peace of mind in the future.

Our new product features include:

  • New, sleek UI compatible for web and mobile devices
  • Single Sign-On integration with several leading Identity Providers
  • Two-factor authentication via SMS notifications, Google Authenticator and Duo Security
  • Brand new server locations for even higher availability and connection speed
  • Advanced activity monitoring into your network’s health, activity and security
  • Automatic Wi-Fi Security that immediately protects your traveling employees from Wi-Fi threats
  • Easy-to-use cross-platform applications available for all your employees’ corporate and BYOD devices
  • Private servers with dedicated IPs so you can skip manual IP whitelisting and lock down secure resources
  • DNS Filtering solution for blocking access to certain websites from your company’s network.

About RSA Conference

The RSA Conference is one of the world’s leading information security events, where attendees learn about the very latest in research, development, and trends. The conference offers security professionals new approaches to information security, the opportunity to discover the latest technology, and interaction with top security leaders and pioneers.

Schedule Your Free Demo Today

Simply schedule a meeting with one of our experts and receive your FREE Expo Plus Pass code!

Perimeter 81 Named Winner in the 15th Annual Info Security PG’s 2019 Global Excellence Awards

Perimeter 81 recognized as the Silver Winner of Startup of the Year – Founded in 2018 and Bronze Winner of Cyber Security Vendor Achievement of the Year.

Perimeter 81, a leading provider of Software-Defined Perimeter technology, has been named the winner of the Startup of the Year – Founded in 2018 and Cyber Security Vendor Achievement of the Year award by Info Security Products Guide, the industry’s foremost information security research and advisory guide, in its 15th Annual 2019 Global Excellence Awards.

These prestigious global awards recognize cyber security and information technology vendors with advanced, ground-breaking products, solutions, and services that are helping set the bar higher for others in all areas of security and technologies.

Startup of the Year – Founded in 2018 – Silver Winner
Cyber Security Vendor Achievement of the Year – Bronze Winner

“Cloud and mobility are creating a mega shift in traditional network security,” said Amit Bareket, CEO and Co-Founder of Perimeter 81. “Today, employees are working from everywhere and are increasingly using cloud technologies. With Perimeter 81, it is our aim to help businesses seamlessly secure network, cloud and application access for the modern and mobile workforce. We are very proud to be recognized by Info Security PG’s Global Excellence Awards for our innovative and user-centric Software-Defined Perimeter technology.”

“We are proud to be recognized as an industry player whose network security solution has been named a ‘Startup of the Year’ and ‘Cyber Security Vendor Achievement of the Year’ winner by Info Security Products Guide,” says Sagi Gidali, CPO and Co-Founder. “Behind this distinguished success is our relentless drive to stay customer focused and provide a user-friendly product. We believe this recognition from Info Security Products Guide further validates our commitment to our customers and their security needs.”

About Info Security PG’s Global Excellence Awards

Info Security Products Guide sponsors the Global Excellence Awards and plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources and assets. It is written expressly for those who are adamant about staying informed of security threats and the preventive measures they can take. You will discover a wealth of information in this guide, including tomorrow’s technology today, best deployment scenarios, people and technologies shaping cyber security, and industry predictions and directions that facilitate making the most pertinent security decisions. Visit www.infosecurityproductsguide.com for the complete list of winners.

About Perimeter 81

Perimeter 81 is a next-generation Secure Network as a Service provider, driven by the mission to transform secure network access for the modern and distributed workforce. Built from scratch based on input from security leaders needing a change from legacy VPN technology, Perimeter 81’s user-friendly interface, unified management and seamless integration with major cloud services, give companies of all industries and sizes the power to be fully mobile and confidently cloud-based.

Contact us if you’d like to learn more about software-defined-security technology and our innovative and disruptive SMB targeted product offering!

5 Reasons Why You Need to Replace Your VPN with SDP

It is now clear that VPNs do not always provide the visibility, control and threat inspection that companies need. In fact, it’s estimated that 60% of enterprises will phase out network VPNs in favor of software-defined perimeters (SDP) by 2021.

Thankfully, these critical pain points can be easily addressed with a consolidated Zero Trust network access solution that provides secure, segmented and audited access to cloud environments, applications and local services – the Software-Defined Perimeter (SDP). 

The Modern Business Environment

It’s critical for cybersecurity to evolve alongside technological advancements and increasingly sophisticated cyber threats.

In today’s modern working environment, there are many endpoints and processes that must be secured, including:  

  • Remote employees, mobile users, and cloud computing solutions
  • Wireless technologies and third-party pathways into the network
  • Malicious outside and inside security threats
  • Weak perimeter defenses that allow intruders to gain access and move laterally within the internal network

Legacy VPNs Provide Inadequate Capabilities

Today’s threats are no longer isolated to on-premises applications and devices. When the average organization uses 1,427 cloud services, of which 90% are unknown to IT, it is clear that legacy technology, such as VPNs, does not provide the visibility, control and threat inspection capabilities needed to effectively secure your network.

Reason #1: Lack of Network Segmentation

Internal networks are rarely homogeneous, which is why different users should have different levels of access and trust to sensitive resources. For example, a remote worker would not have the same access to the network as you would. This is why network segmentation and user access control are critically important to limit resource access and mitigate cyber attacks. However, traditional VPNs are not able to provide coarse-grained network segmentation with different levels of access for different users.

Reason #2: Lack of Traffic Visibility

Unfortunately, legacy devices and technologies commonly used to build network perimeters let too much unwanted traffic through. For example, legacy VPN technology is unable to distinguish between good and bad applications which means IT is responsible for building and maintaining extensive permissive access controls. They also fail to adequately account for encrypted application traffic and are unable to accurately identify and control users.

Reason #3: Not Suited for Dynamic Networks

Traditional VPNs require tedious hardware, constant management and cannot easily adjust to network or server changes. These VPNs make it more complicated to scale and rapidly adjust for new users and network locations, making it increasingly difficult to effectively manage hybrid and cloud-based computing models. 

Reason #4: Lack of On-Premises User Security

VPNs are often used to enable remote connections to the network, but as a siloed solution, do not secure on-premises users. This lack of on-site security allows bad actors to exploit weaknesses in the office by gaining access to user accounts and moving laterally across the network.

Reason #5: Lacking Wi-Fi Security

Many remote and traveling employees often can’t tell whether Wi-Fi networks are secure, have devices that automatically join unsecured public Wi-Fi hotspots without their knowledge, or utilize VPN services that simply disconnect when a device is in locked or sleep mode. While many VPN providers offer this function, hardware-based legacy appliances and open-source VPN solutions require hours of manual configuration, lack unified network visibility and do not integrate well with the cloud.

Introducing the Software-Defined Perimeter

It’s clear that organizations need an entirely different set of technologies and policies to provide secure network access to both on-site and remote users. The Software-Defined Perimeter (SDP) is an emerging technology that is changing cloud networking. In fact, 60% of enterprises will phase out network VPNs in favor of software-defined perimeters by 2021.

The emergence of SDP has provided a holistic solution to remove the reliance on hardware across the entire security stack and to deploy, manage, and visualize network connections using only software. This enables the integration of powerful APIs, as well as the ability to analyze and visualize network traffic.

Implementing SDP allows organizations to restrict network access and provide customized, manageable and secure access to networked systems. Connectivity is based on the need-to-know-model, meaning each device and identity must be verified before being granted access to the network. This significantly reduces the attack surface area, hiding system and application vulnerabilities from unauthorized users.

How It Works

An SDP solution allows IT Managers to deploy gateways on-premise or over the cloud, securing employees’ remote access to cloud and on-premise applications, all while keeping sensitive data within the organizational network. It has been shown to stop all forms of network attacks including DDoS, Man-in-the-Middle, Server Query (OWASP10) and Advanced Persistent Threat.

A Software-Defined Perimeter (SDP) architecture has three important components: a Client, a Controller, and a Set of Gateways.

  • Client: The client runs on each user’s device, while the controller is required to authenticate the users and their devices.
  • Controller: The controller evaluates each user and issues tokens granting each user individual network entitlements.
  • Gateways: The set of gateways is where access is granted to the previously private resources. Network traffic is encrypted and tunneled between the user’s device and the corresponding SDP Gateway. Access through this point is logged, so that it can be tracked and recorded for compliance and auditing.
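
The client, controller and gateway roles described above can be sketched in a few lines. This is an added example, not Perimeter 81's code or any vendor's implementation: the key, users, devices, resources and the HMAC-signed token format are all constructed assumptions. It shows the controller issuing per-user entitlements only to a known user on a registered device, and the gateway denying by default while logging every decision.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo values: key, users, devices and resources are hypothetical.
CONTROLLER_KEY = b"demo-only-key-shared-by-controller-and-gateways"
USERS = {
    "alice": {"group": "engineering", "devices": {"laptop-a1"}},
    "bob": {"group": "finance", "devices": {"laptop-b7"}},
}
POLICY = {  # group -> resources its members may reach
    "engineering": ["git.internal:22", "wiki.internal:443"],
    "finance": ["erp.internal:443"],
}
AUDIT_LOG = []  # every gateway decision, allow or deny, is recorded here


def _sign(body: bytes) -> str:
    """HMAC-SHA256 over the encoded claims (assumed token format)."""
    return hmac.new(CONTROLLER_KEY, body, hashlib.sha256).hexdigest()


def issue_token(user, device_id, now, ttl=300):
    """Controller: verify user and device, then issue signed entitlements."""
    record = USERS.get(user)
    if record is None or device_id not in record["devices"]:
        return None  # unknown user or unregistered device gets no token
    claims = {
        "sub": user,
        "dev": device_id,
        "res": POLICY.get(record["group"], []),
        "exp": now + ttl,  # short lifetime limits the value of a stolen token
    }
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body.decode() + "." + _sign(body)


def gateway_authorize(token, resource, now):
    """Gateway: default deny; allow only a valid, unexpired, entitled request."""
    subject, reason = None, "malformed token"
    try:
        body, sig = token.split(".")
        # Constant-time comparison; claims are parsed only after it succeeds.
        if not hmac.compare_digest(sig, _sign(body.encode())):
            reason = "bad signature"
        else:
            claims = json.loads(base64.urlsafe_b64decode(body))
            subject = claims["sub"]
            if now >= claims["exp"]:
                reason = "token expired"
            elif resource not in claims["res"]:
                reason = "resource not in entitlements"
            else:
                reason = None
    except (AttributeError, TypeError, ValueError, KeyError):
        pass  # anything unparsable stays denied as "malformed token"
    AUDIT_LOG.append({
        "time": now,
        "subject": subject,
        "resource": resource,
        "decision": "deny" if reason else "allow",
        "reason": reason,
    })
    return reason is None


if __name__ == "__main__":
    t0 = 1_700_000_000
    tok = issue_token("alice", "laptop-a1", t0)
    print(gateway_authorize(tok, "git.internal:22", t0 + 10))
    print(gateway_authorize(tok, "erp.internal:443", t0 + 10))
    for entry in AUDIT_LOG:
        print(entry)
```

The audit log records denied requests as well as allowed ones, which is what makes the gateway useful as a source for compliance reporting and detection.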

Twice as Many Reasons to Use SDP

Without SDP, a single user can do a lot of damage to your organization’s network. While some legacy solutions might be able to provide some of the following benefits with additional customization and integration, the SDP has been found to do it much faster and better.

  • Adaptive
    With an SDP, you can implement automated policies that dictate which device, user or service is able to access the network.
  • Global Access
    Using an SDP, you can deploy unified gateways, giving access to any resources, from any location. This provides connectivity for remote and on-premise users.
  • Precise Segmentation
    SDPs integrate with any Identity Provider, including Active Directory and SAML services, allowing you to utilize precise segmentation.
  • Secured & Encrypted
    To ensure total privacy, data security and classification, SDPs provide client and endpoint protection, identity and access management, OS and application level security, all while encrypting traffic with mutual TLS encryption.
  • Policies Based on Users
    Because SDP systems are user-centric (i.e. they validate the user and the device before permitting any access), they permit organizations to create access policies based on user attributes. This enables automated compliance reporting based on these details.
  • Seamless Audit and Report
    Exporting of logs and connection data to SIEM (security information and event management software products) or analytics platforms (such as Sumo Logic) via API is simple.
  • Account Hijacking
    Session cookie-based account hijacking is completely mitigated by SDP. Since all access is pre-authenticated and pre-authorized, incoming requests from malicious end-points are rejected.
  • Denial of Service
    Single Packet Authorization (SPA) makes SDP architecture much more resilient towards DoS attacks. Since SPA takes significantly fewer resources than a typical TCP handshake, servers are able to drop unsolicited network packets at scale.
  • Reduced Costs
    Automation reduces the need for manual firewall updates, reducing workload and labor costs and increasing productivity.
  • Least Privilege Access
    Secure, policy-based access and network segmentation create one-to-one network connections between the user and the resources they access. Everything else is invisible – including the system itself. This not only applies the principle of least privilege to the network but also reduces the attack surface area by hiding network resources from unauthorized users.

Cost-Effective SDP Network Access and Security

The bottom line is that legacy, perimeter-centric technologies are no longer effective against sophisticated cyber threats, growing endpoints and increased mobility, hyper interconnectivity and globalization.

Perimeter 81 is a technology built to replace traditional VPN technology and provide secure on-premise and remote access for the modern and distributed workforce. It offers a hardware-free, highly-scalable, cost-effective solution that ensures simplified secure network access to protect IP assets from end-point to data-center to the cloud. With a “Dropbox-like” intuitive user-interface, Perimeter 81 is the ideal solution for SMB-sized organizations not currently using a VPN due to cost and complexity.

With Perimeter 81, businesses can monitor and manage their network all in one place and easily secure and segment resource access. Our service provides greater network visibility, seamless onboarding and full integration with major cloud providers, giving companies of all industries and sizes the power to be truly mobile and enjoy complete confidence in the cloud. 

We hope you found this post helpful! Feel free to let us know if you have any questions and follow us on social media if you’d like to continue receiving all the latest business security news. To learn more about the many advantages new SDP technology has over legacy VPN solutions, we invite you to schedule a complimentary demo.

We Are Excited to Welcome Ohad Mandelbaum as Perimeter 81’s New VP of Global Sales

Ohad has more than 15 years of international management, sales and business development responsibilities, during which he has built and managed small and large teams across four different continents. Prior to joining Perimeter 81, Ohad was the SVP of Global Sales at BrainsWay, a publicly traded medical device company, and VP Sales & Business Development at Alma Lasers, which was sold to Fosun Pharma for $241MM and went public on the HK stock exchange. His proven track record in B2B global sales and marketing and in highly dynamic entrepreneurial start-up environments, together with his business development experience, has prepared him to successfully lead the Perimeter 81 sales team.

Ohad’s previous leadership positions have focused on execution, which includes seven years of P&L responsibility. He also has experience and technical knowledge of industry disruptions, including P2P technologies, cloud services and performance management, both as an angel investor and as a consultant. Ohad is looking forward to working in the exciting, ever-growing and dynamic field of cyber security.

Ohad holds a BSc. in Biotechnology Engineering from Ben Gurion University and attended the Northwestern University Kellogg School of Management, earning his Executive MBA. He also served in the Israeli Air Force.

Ohad is native to Israel and spent several years living in Chicago and San Francisco before moving to New York City in 2016. His personal interests include 70.3 Ironmans, marathons, tennis, snowboarding and backpacking.

5 Easy Ways to Keep Your Employees Safe Online

90% of Americans are using their personal devices for work, risking their workplace by accidentally opening access to their company data. Keeping your company and employees safe from cyber-attacks can be done by just following these 5 simple rules.

How to Improve Cloud Security and Productivity Through IP Whitelisting

Manually whitelisting IP addresses can be a time-consuming process that needs constant management, which is why utilizing a service that does this for you can boost employee productivity and improve cloud security.

IP whitelisting allows IT administrators to assign any team member a single, static outgoing IP address. This capability enables new types of cloud and on-premises configurations that are only possible with static IP addresses.

Instead of blocking access to identified risks and threats, as is the case when blacklisting applications, web pages or IP addresses, IP whitelisting allows you to identify and permit access to trusted resources. By whitelisting IPs, you are granting only trusted users within a specified IP address range permission to access specific domains or network resources such as emails, applications, URLs and more.

However, manually whitelisting IP addresses can be time-consuming and requires constant management. Here’s how you can automatically whitelist IPs so that you can boost employee productivity and improve cloud security for your entire network.

Whitelisting Usage and Benefits

Implementing IP whitelisting not only improves security but also promotes a more productive workforce by providing a secure and easy way for users to access private network resources from both personal and corporate mobile devices.

  • Improve Cloud Security
    By implementing IP whitelisting, you can improve system security by preventing unauthorized access to your account. If someone tries to access your network with an IP address that isn’t whitelisted, they will be denied access. With Perimeter 81, we provide IT administrators and owners the ability to define user access for every employee in the network, group them with users of similar access limits, and automatically whitelist the group’s IP address.
  • Increase Productivity
    Without a service like Perimeter 81 to whitelist IP addresses for you, IT administrators are left to manually whitelist IP addresses for users, websites, and other gated resources which can take a significant amount of time. With whitelisting, businesses can also limit access to unsecured or distracting sites that can reduce productivity and cut into profits. In fact, 50 percent of businesses take whitelisting very seriously because of these reasons.
  • Secure Remote Access
    Whitelisting enables organizations to secure remote access to the network, including BYOD (Bring Your Own Device) policies that allow employees to utilize their own devices. With remote access security, businesses can mitigate both cloud and on-site risks that could negatively impact the company’s projects or profits.

How to Whitelist IPs with Perimeter 81

Utilizing Perimeter 81’s secure network access service, all Internet traffic is fully secured and encrypted. Using the unified management portal, IT administrators can easily block out threats, grant user access to approved resources and automatically whitelist specific IP addresses.

How it Works

Perimeter 81’s private gateway feature provides IT administrators with the power to whitelist IP addresses, thereby enabling all team members to share a single, static outgoing IP address accessible by your organization or partners. For example, remote users can always connect to the Perimeter 81 private gateway first, then have their IP address whitelisted.

With Perimeter 81, you can give each user access to the necessary resources they need from any IP address by assigning users to groups. Each user signs in via Identity Provider integration, username and password, and/or two-factor authentication and is then able to access resources according to the roles and permissions assigned to them. This keeps IT administrators from having to manually whitelist every user’s IP address.

After the whitelist is configured with users and permissions, the user list should be audited routinely, because employees are hired and leave companies on a regular basis. In addition, partners that access IP-whitelisted resources come and go, and IT administrators should have full visibility into user access through IP whitelisting.

Perimeter 81 IP Whitelisting in the Cloud

Because remote users can always connect to a gateway first and then have their IP address whitelisted to a security group, cloud service platforms including AWS, Azure, Office Firewall, SalesForce, or Zendesk can all be configured to work with Perimeter 81.

Using AWS, for instance, inbound traffic from Perimeter 81 to AWS can be authorized by whitelisting the Perimeter 81 Private Network IP address to your Security Groups (AWS Virtual Firewall).

AWS Security Groups enable the control of IP traffic to your instance, including traffic that can reach instances and services both in the cloud and on-premises. To whitelist IPs, you can allow computers from only your Perimeter 81 Private Server to access your instance using SSH, or use a web server that allows all IP addresses to access your instance using HTTP or HTTPS, so that external users can browse the content on your web server only once connected to Perimeter 81.

Example: How to Whitelist IPs in AWS

Following is a walkthrough of how to use AWS Security Groups to enable the control of traffic to an AWS instance, including traffic that can reach both instances and services:

  • Step 1: Create a Private Network IP Address
    First, create a Perimeter 81 Private Server and then obtain its static public IP address.
  • Step 2: Add an EC2 Security Group Rule  
    Add an EC2 Security Group Rule for Inbound Traffic from Perimeter 81 to the required resources by whitelisting access to the Perimeter 81 Private Network to other instances, databases and related security groups.

    • In the navigation pane of the Amazon EC2 console, choose Security Groups.
    • For every security group you’d like to allow secured access over your Perimeter 81 Private Network, add an Inbound Rule:
      • Specify the related Type (ALL TRAFFIC, SSH, HTTP/HTTPS, etc.).
      • Under the Source, enter the Perimeter 81 Private Network IP address including the subnet mask. For example, for IP address 129.42.24.22, enter 129.42.24.22/32 (CIDR notation).
      • Click Save.
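
Once the inbound rules are saved, it is worth checking that every security group admits only the gateway address. The following is an added example, not code from Perimeter 81 or AWS: it audits JSON in the shape returned by `aws ec2 describe-security-groups` and reports every inbound CIDR source that is not exactly the gateway's /32. The group IDs and rules are constructed sample data, the gateway address is the example IP from the walkthrough, and `public_ports` is a hypothetical parameter for ports you intentionally leave open (such as a public web server).

```python
import ipaddress
import json

# Example gateway address from the walkthrough above, in CIDR notation.
GATEWAY_CIDR = "129.42.24.22/32"

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_JSON = """
{"SecurityGroups": [
  {"GroupId": "sg-0example1", "GroupName": "bastion", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "129.42.24.22/32"}]}]},
  {"GroupId": "sg-0example2", "GroupName": "db", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-0example3", "GroupName": "admin", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "129.42.24.0/24"}]}]},
  {"GroupId": "sg-0example4", "GroupName": "web", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
  {"GroupId": "sg-0example5", "GroupName": "legacy", "IpPermissions": [
    {"IpProtocol": "-1",
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}]}]}
]}
"""


def port_label(perm):
    """Human-readable protocol/port description for one inbound permission."""
    if perm.get("IpProtocol") == "-1":  # "-1" means all protocols and ports
        return "all traffic"
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    span = str(lo) if lo == hi else f"{lo}-{hi}"
    return f"{perm['IpProtocol']}/{span}"


def is_declared_public(perm, public_ports):
    """True only for a single TCP port the operator listed as intentionally public."""
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort") == perm.get("ToPort")
            and perm.get("FromPort") in public_ports)


def classify(net, gateway):
    """Return None when the source is exactly the gateway, else a reason code."""
    if net == gateway:
        return None
    if net.prefixlen == 0:
        return "open-to-world"
    if net.version == gateway.version and gateway.subnet_of(net):
        return "wider-than-gateway"
    return "not-gateway"


def audit_security_groups(doc, gateway_cidr, public_ports=frozenset()):
    """List inbound CIDR sources that are not the whitelisted gateway address.

    Rules whose source is another security group (UserIdGroupPairs) carry no
    CIDR and are not evaluated here.
    """
    gateway = ipaddress.ip_network(gateway_cidr)
    findings = []
    for group in doc.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                reason = classify(ipaddress.ip_network(cidr, strict=False), gateway)
                if reason is None:
                    continue
                if reason == "open-to-world" and is_declared_public(perm, public_ports):
                    continue
                findings.append({"group": group["GroupId"],
                                 "rule": port_label(perm),
                                 "source": cidr,
                                 "reason": reason})
    return findings


if __name__ == "__main__":
    for finding in audit_security_groups(json.loads(SAMPLE_JSON), GATEWAY_CIDR, {443}):
        print(finding)
```

Running the same audit on a schedule also supports the routine review of whitelisted access described earlier, since any rule added outside the gateway address shows up as a finding.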

Figure: Add access from the Perimeter 81 Private Network to your AWS environment, instances or databases.

Whitelisting Isn’t the Full Solution

For most businesses, whitelisting IP addresses can be overwhelmingly beneficial. However, even though whitelisting can improve cybersecurity, boost productivity and benefit your bottom line, it’s important to remember that each line of security is important. Whitelisting should not replace other security measures, but instead, be used as a complementary piece of a comprehensive security solution.

We hope you found this post helpful! Feel free to let us know if you have any questions and follow us on social media if you’d like to continue receiving all the latest business security news.

 

10 InfoSec Trends CISOs Are Excited About Seeing in 2019
Reading Time: 6 minutes

As the number of cyber attacks continues to grow and privacy regulations such as GDPR take effect, it’s clear that security is pushing its way to the forefront of business priorities.

However, simply dumping money into a complex cybersecurity problem isn’t going to protect customer data, segment user access or secure remote connections to the network. Instead, businesses will need to invest in a cybersecurity solution that works for them.

While simple tips such as encrypting data, changing the default passwords on server infrastructure and monitoring network traffic and server usage can help secure your business’ private data, these CISOs explained what trends and innovations they’re most excited about seeing in the InfoSec industry this year.

Trend #1: Talent Availability and Mastering InfoSec

While the new year introduces endless predictions for the next popular product, service and technology, one trend many CISOs are hopeful to see is an increase in talent availability. Information security is only becoming more complex which is why we need more professionals actively seeking to fill this talent gap. 

“At the heart of the challenge is the small number of people with a cybersecurity skillset. We need to find ways to leverage a small population of qualified practitioners while at the same time finding ways to develop new security and risk professionals with a mindset of fundamental best practices. My focus and evangelical mission this year is helping organizations address the fundamentals (setting the stage for taking on the shiny and exciting technical innovations) and finding ways to leverage existing experts and building and fostering new talent.” – Christopher Gerg, Vice President of Risk Management at Gillware

Trend #2: Zero Trust Security


As new cloud applications and services are being introduced all the time, many global enterprises are welcoming more advanced security solutions such as zero trust.

“The zero trust model eliminates the idea that internal players are trustworthy individuals who mean no harm. Zero trust security continuously evaluates an individual’s behavior and actions to identify and eliminate potential threats. This is accomplished by defining parameters of legitimacy via a range of factors that determines the validity of a user’s behavior in the form of a risk score. These determining factors may include a user’s physical location, IP address, and permissions, among many others.” – Aaron Walker, Senior Research Analyst at G2Crowd.com

Trend #3: Application Security Testing

Application layer attacks are expected to increase this year, which is why emerging application security tools such as Interactive Application Security Testing (IAST) and Runtime Application Self-Protection (RASP) are necessary to protect custom code, open source libraries and frameworks.

“We are seeing a wholesale shift from legacy perimeter defenses and vulnerability scanning to instrumentation-based defenses that run as part of the thing being defended. This is true at every layer of the stack, where we can protect individual workloads by integrating security vulnerability detection and attack prevention directly into each layer. IAST and RASP are the most disruptive here, integrating security directly into custom code applications.” – Jeff Williams, Co-Founder and CTO of Contrast Security

Trend #4: More Immersive Machine Learning and AI Systems

While Artificial Intelligence is a trending topic, many of these information security tools remain overcomplicated. In some cases, AI and Machine Learning can be useful as strong detection and prevention tools, but industry-wide, the implementation of these pattern recognition technologies can be troublesome.

“CIOs are realizing that through improper implementation of such disruptive technologies, security weaknesses have been built inside of their organizations. In order for these advanced systems to benefit enterprises, establishing clear requirements and investing in the education of the technology is integral for proficient deployment. We should expect to see CIOs adopting platforms that allow developers to store info with your own security models and are more applicable to the needs of the future.” – Lawrence Flynn, CEO of Artificial Solutions

However, AI systems and machine learning are able to effectively learn from user behavior and apply adaptive controls which can automatically detect known threats before they cause significant harm.

“Machine learning is a large experimentation process. Right now, however, most companies are failing to capture information on the vast majority of their experiments and failing to provide their researchers with the tools they need to efficiently develop cutting-edge models. We’re also going to see a shift from simple, end-to-end tools to custom, best-in-class machine learning platforms as people begin to realize the value of specialization. A leading indicator of this trend will be the rise of new jobs around product management for ML platforms. As specialization occurs, more advanced methods of machine learning like deep learning and reinforcement learning will gain traction.” – Scott Clark, CEO and Co-Founder of SigOpt

Trend #5: Workflow Automation Within SOC Organizations

Workflow automation is expected to increase within SOC organizations this year. “CISOs will start to explore tech solutions paired with process and procedure to offset the amount of skilled engineers to combat cyber threats. Tooling implemented will not only be focused around workflow, but also machine learning capabilities to identify patterns and behaviors that can drive automation to remediate threats. As enterprises increase in devices, networks, and identities, organizations will need to implement tech to increase awareness driving automated solutions to keep networks secure.” – Ray McKenzie, Founder and Managing Director at Red Beach Advisors

Trend #6: Prioritizing DevOps as the Focus of an Agile Strategy

One of the primary challenges in DevOps is overcoming the “separation of concerns” that exists by providing DevOps teams with a collaborative environment that can be accessed securely without restricting the agility of development and operations.

“In 2019, more companies will begin to prioritize DevOps as the focus of their agile strategy. As nearly every company is shifting their business model towards software in some capacity, those that will be successful will recognize that their ability to be agile can only be accomplished if they are automating as much of their pipeline as possible.” – Alex Salazar, Vice President of Product Strategy at Okta

Trend #7: SD-WAN Simplifies Network Security

“Services like Megaport and Masergy will increase the ability for InfoSec teams to monitor, control and adapt their networks to mitigate threats. Instead of having to support MPLS, Dark Fiber and ISP, SD-WAN will pull the networking experience under one roof and allow for greater flexibility and integration which will enable better security.” – Drew Farnsworth, Partner at Green Lane Design

Trend #8: Cloud Security Concerns

As companies continue to shift to the cloud, we’ll see more businesses who fail to configure their cloud environments correctly. One of the first strategies companies attempt for cloud migration is named “lift and shift,” which simply takes an application and migrates it up to the cloud provider. This often unintentionally exposes the applications to more users, where the internal application from several years ago with limited maintenance is now available up in the cloud.

“With cloud migrations, I see a level of bill hijacking, where hackers attempt to run their services in other companies’ accounts. When you look at crypto-mining and burstable cloud resources, it’s perfect: the hacker gets the coins and the victim pays for the resources. The cloud always has more resources for sale.” – Erik Costlow, Principal Product Evangelist at Contrast Security

Trend #9: Increased Managed Security Services


While businesses move to the cloud, in-house IT services and localized networks are becoming a thing of the past. “Managed security services, where someone is always on and watching your system against threats, is becoming more the rule than the exception. There are nearly a million pieces of malware released per day, and that’s even including more specialized attacks like DDoS. The number of threats isn’t going to diminish anytime soon. Being prepared is the only solution.” – Adnan Raja, Vice President of Marketing for Atlantic.Net

Trend #10: Increased Network Segmentation

“While many organizations rely on dated, hardware-based VPN technology, these systems are complex, costly and require extensive management. The Software-Defined Perimeter (SDP) model addresses traditional VPN limitations while providing a flexible cloud-based platform, granular user-access control and analytics, and segmented access to on-premise and cloud resources.

More advantages of SDP technology include the ability to:

  • Employ role-based access controls, logs and analytics
  • Distribute global IP addresses  
  • Save money on deployment and management
  • Easily achieve compliance regulations
  • Enable secure remote connections”

– Amit Bareket, Co-Founder and CEO of Perimeter 81

We hope you found this post helpful! Feel free to let us know if you have any questions and follow us on social media if you’d like to continue receiving all the latest business security news.

Introducing the Multi-Tenant MSP Platform
Reading Time: 2 minutes

With our multi-tenant MSP management platform, we’ve added even more capabilities so that our partners can easily manage multiple organizations and networks all in one place. With these new features, MSPs can use the new multi-tenant management platform to easily switch between multiple organizations and implement network changes almost instantly.

Greater Recognition and Success for MSPs

Perimeter 81’s hardware-free infrastructure, multi-tenant management platform and single-click client applications grant Managed Service Providers and their clients the benefits of hassle-free, highly scalable and cost-effective network security.

By providing partners with ready-to-use tools and resources, we hope to aid MSPs in promoting their market success. “We at Perimeter 81 are proud to offer even more tools and comprehensive resources to our valued partners,” remarked Amit Bareket, CEO and Co-Founder of Perimeter 81. “With our MSP multi-tenant platform, our partners can easily manage clients and resellers separately while effortlessly switching between accounts. This reduces much of the headache that outdated hardware-based legacy VPNs have created for them.”

The MSP Multi-Tenant Management Platform

In addition to our partner portal where you can amplify your digital marketing efforts with a resource-rich and free-to-use CRM service, the multi-tenant management platform enables MSPs to:

  • Manage customers, resellers, multiple organizations, team members and networks all in one place
  • Easily manage billing and view customer license activities
  • Gain network visibility and intelligence for clients
  • Benefit from consolidated auditing and reporting


In the overview section, you can see each of the organizations you manage, including clients and resellers. Here, you can simply select the organization you’d like and quickly manage their networks, servers and licenses. For each organization, you can easily invite team members, connect identity providers, enable two-factor authentication and more.

Perimeter 81: A Secure Network Access Solution

Perimeter 81 is a next-generation, software-defined network security provider, driven by the mission to transform secure network access for the modern and distributed workforce. Built from scratch based on input from security leaders needing a change from legacy VPN technology, Perimeter 81’s user-friendly interface, unified management and seamless integration with major cloud services, give companies of all industries and sizes the power to be fully mobile and confidently cloud-based.

As a Perimeter 81 partner, you can offer your clients:

  • Automatic Wi-Fi Security: Our signature patent-pending Automatic Wi-Fi Security feature immediately protects your traveling and remote employees from unsecured Wi-Fi hotspot threats.
  • Cross-Platform Applications: Easy-to-use cross-platform applications available for all your employees’ corporate and BYOD devices. 
  • Dedicated IP Addresses: Private servers with dedicated IP addresses so you can skip manual IP whitelisting and lock down secure resources to protected IPs.
  • Single Sign-On Integration: Enforce secure policy-based access with identity provider integration, including G Suite/ Google Cloud, Okta, Microsoft Azure AD and Active Directory/LDAP.
  • Two-Factor Authentication: Add an extra layer of security and prevent remote attacks with SMS notifications and Google Authenticator.
  • Advanced Activity Monitoring: Gain even more insight into your network’s health, activity and security with increased activity visibility including group and server creation, team member authentications, password changes and more.

Feel free to let us know if you have any questions, follow us on social media or follow the link below to learn more about partnering with us.

Partner With Us: https://www.perimeter81.com/partner-with-us

Top 10 Tools for People with Remote Jobs
Reading Time: 4 minutes

The world of freelancing and hiring remote workers has transformed the way people work. With people constantly plugged in, self-managing time and projects, and traveling and connecting to unsecured networks, the resources and tools remote workers need are far-reaching. That’s why we’ve outlined just a few ways you can help a remote worker you know increase productivity with these top 10 gifts for people with remote jobs.

Productivity Tools

Time Doctor – Time Tracking and Management
Remote workers rely heavily on time tracking, productivity management tools, and other self-managing apps and services that help boost productivity. Time Doctor is a must-try time tracking tool that allows remote workers to account for every hard working minute and easily send invoices to clients. While this boosts tracking efforts by employees, this also allows employers and clients to monitor the money they are investing in projects as well. “By letting them start the habit of knowing how and where they spent their time (which Time Doctor’s analytics would show), productivity will increase by at least 20%.” – Carlo Borja, Head of Online Marketing at Time Doctor

Trello – Project Management Software
Trello is a popular project management and collaboration tool that allows users to organize tasks visually according to different boards and projects. “I’ve been a big fan of Trello for a long time because I can organize all my projects into one place. The color design is beautiful and being able to check in on several boards at once somehow makes my stress plummet. Furthermore, the recent Slack integration is excellent for remaining connected to the office and updating my boss on project milestones. For anyone working with multiple to-do lists, timelines, and goals, I highly recommend Trello. Plus, it’s only $10 a month!” – Taylor Covington, Content Marketing Associate at The Zebra

Airtable – Task Management and Content Curating
While there are many task management tools out there, Airtable’s social media marketing and content tools make managing work and increasing productivity easy. “It helps me set content schedules, is great for content planning, and the social media calendar tool makes my clients feel confident in my social media management services.” – Mikaela Delia, Freelance Online Marketer at Miracle Marketing

Technology Tools

Portable Laptop Battery
Working remotely means you’re in constant need of a power supply. Unfortunately, knowing where you can plug in while traveling can become quite the hassle. With a new, high-speed laptop charger, remote workers can quickly recharge, making working on-the-go even easier. “Equipped with both USB-C Power Delivery and a hi-voltage laptop port, the V88 quickly & efficiently charges laptops (including MacBook, Surface, & USB Type C) on-the-go. FAA compliant and compact, it’s the perfect gift for travelers of all kinds.” – Julia Yavin, Director of Sales & Marketing at Voltaic Systems

Bluetooth Headphones
While Bluetooth headphones are convenient for many people, remote workers benefit drastically by going hands-free. Many remote workers often spend hours on their computers, dialed into conference calls, sharing screens and more. Each of these activities requires headphones and other audio hardware, making hands-free Bluetooth headphones an excellent idea for any remote worker. “My top resources for working remote: A good laptop and a good set of Bluetooth earphones – I love my MacBook and AirPods” – Debbie Winkelbauer, CEO of Surf Search

Wireless Chargers and Scanners
Wireless chargers and scanners have become increasingly convenient both in offices and for those with remote jobs. “Many [wireless chargers] are compatible with Apple products and can even charge an iPhone and Apple Watch at the same time. Some wireless chargers even work in the car, so you can easily charge your devices on the go,” says James Rice, Head of Digital Marketing at WikiJob. “When you are a remote worker, sometimes things that are easy within an office environment become tricky. A wireless scanning device can sign and scan contracts or digitize paperwork ready for uploading or emailing. This makes it easy to share signed or printed paperwork with colleagues all over the globe. Its compact size is also great for travel or for small home offices.”

Noise-Canceling Headphones
Oftentimes, remote workers carry out their work in public spaces such as coffee shops, airports, or other public places. Noise-canceling headphones allow remote workers to tune out the distractions and get to work uninterrupted. “They allow you to work in co-working spaces and other noisy environments without interruptions. They are also very helpful if you work from home and have children around the house.” – Rob Palmer, CEO of GoFreelance

Collaboration Tools

Toggl – Time Tracking Software
One of the toughest challenges of being a remote worker is collaborating with distributed teams. “Most of our engineers (we’re a Software Development Staffing company) are remote workers. We use Toggl for time tracking and notifying clients of how the time they are paying for is being spent.” – Julia Duran, CEO and Co-Founder of South Geeks LLC

Loom – Video Collaboration
“This is a free screen and video recording tool. It allows me to quickly send a video to my team and share my thoughts. It’s extremely easy to use and makes communication far more clear than email. Sometimes, when I want to show specific things to my team or give feedback, I quickly create a video using it. It saves a lot of time and has helped me become a lot more efficient.” – Sumit Bansal, Founder of Craft of Blogging

A Business VPN
Virtual Private Networks (VPNs) are not only useful for expats looking to bypass geo-restrictions, but they also offer powerful advantages for both consumers and businesses. Since remote workers often travel and connect to unsecured Wi-Fi, it’s important that they utilize a Business VPN to quickly set up a private, secure connection to another remote network. That means they can safely access any of their clients’ private data without compromising the data or sensitive systems or triggering security alerts.
For businesses, it’s an OpenVPN alternative that offers multi-tenant management and fast connection speeds with an easy set-up.

We hope you found this post helpful! Feel free to let us know if you have any questions and follow us on social media if you’d like to continue receiving all the latest business security news.

How a VPN Can Help with HIPAA Compliance
Reading Time: 3 minutes

HIPAA compliance affects healthcare organizations, insurance agents and more. In this recent podcast, we’ve outlined the easiest way to secure your data so that you can meet HIPAA compliance obligations easily and cost-effectively.

Public Wi-Fi is dangerous for both people and businesses, especially for those dealing with confidential and sensitive data. Due to a lack of encryption and open passwords, unsecured networks can be hacked in a matter of seconds.

We’ve already seen many significant healthcare data breaches this year. The HIPAA Journal reported that there were 29 breaches in May of 2018 alone, with unauthorized access being the most common type of breach at 51 percent of incidents.

Introducing the Cloud VPN

With a Virtual Private Network (VPN), organizations can easily protect data transmission, secure data with strong encryption and meet other compliance requirements to secure electronic Protected Health Information (ePHI).

When you connect to a VPN, you create an encrypted tunnel that protects your data from hackers and third parties. This allows you to set up a completely private and secure connection to another network, enabling remote employees to securely access the network while they’re outside of the office.

Our service actually takes this one step further with Wi-Fi Security – a patent-pending feature that automatically activates military-grade encryption the moment an employee connects to an unsecured Wi-Fi network. This keeps all data being transferred over the network hidden from hackers – even if their mobile device is locked and inside their pocket.

Moreover, our DNS Filtering Solution prevents employees from accessing spammy websites that could endanger the company’s network security.

How Does a VPN Supplement HIPAA Compliance?

The majority of ePHI breaches result from compromised mobile devices or networks that contain unencrypted data, which can result in loss of trust, substantial fines, criminal charges, and even civil action lawsuits.

To secure confidential data, organizations can implement a VPN to encrypt all transmitted data over the network, securing protected health information both on-site and remotely. Cloud VPNs integrate seamlessly with major cloud providers and can ensure that sensitive data located in cloud environments is fully protected and secured.

The Benefits of Using a Cloud VPN

  • Lockdown Confidential Data and Databases to a Specific IP Address

    When you deploy a private server, you essentially restrict access to certain resources using a specific IP address. This allows you to designate certain team members to have access to only that server or IP address, limiting data access and segmenting the network.

  • Nonstop Security with VPN Kill Switch

    A VPN kill switch ensures that if the VPN disconnects for any reason, the Internet connection is stopped and no data is transferred. That means that no data will ever be transmitted over the network without encryption so that no third party can see your data in plain text.  

  • Full Visibility with a Unified Management Platform

    Not all software based VPN services offer advanced visibility and management features. With our VPN service, you can easily invite team members, deploy private servers and view all network activity in one unified place.

  • Two-Factor Authentication and Identity Provider Integration

    Two-factor authentication is key to security because it prevents hackers from accessing your account even if they were to obtain your login credentials. By requiring an additional layer of security via SMS push notifications or Google Authenticator, user access can be easily maintained.

Achieve HIPAA Compliance with a Full-Service Security Solution

At Perimeter 81, we’re highly aware of data storage and logging privacy because it’s critically important in both the business and consumer spaces. Even before GDPR came into effect, we were ready to address these security issues for our customers.

Cloud-based VPN technology offers much-needed scalability, affordability and increased compatibility with cloud storage environments. We are GDPR compliant, SOC-2 compliant and ISO 27001 compliant so that we can offer a highly effective solution for any organization’s HIPAA compliance needs.

If you’d like to learn more about using a VPN for HIPAA compliance, please don’t hesitate to request a demo at www.perimeter81.com/demo or contact our sales team at [email protected].
