The complexity and span of devices on the network continues to develop at an astounding rate and many organisations are struggling to address the growing attack surface. A plethora of devices are being brought into the workplace and while all these new devices are designed to drive collaboration and connection, when they become connected to the company networks, they can become an insider threat and another possible entry point for hacking.
IDC declares that 55 billion devices will be connected worldwide by 2022, while Forbes Technology Council reports that up to 90% of these devices will be unmanaged or un-agentable, meaning that these devices will not be able to be protected by traditional cybersecurity solutions. Furthermore, with the growing everywhereness of device ability to send and receive data via the Internet, the adoption of IoT to improve operational efficiencies and outcomes has taken precedence over critical security and compliance best practices. Forbes Technology Council describes that currently companies cannot see 40% of the devices in their environments.
South African’ organisations are no exception, from IoT to an always-on mobile workforce, many business networks around the country are connecting to more and more devices while struggling to see, manage or secure them, these organisations are more exposed to hack-attacks than ever before.
Building an edge-capable IT function
The network edge represents the culmination of all users, devices and technologies. According to Gartner, edge computing will be a necessary requirement for all digital businesses by 2022. With potentially trillions of Rands being invested in the hope of generating huge economic returns, the argument for paying attention to the edge opportunity is clear and the window for learning and action is narrowing. From a network security perspective, the challenge for IT teams is to lead the pursuit of these edge-based strategies across the business and manage the edge environments, from user devices to operational technology – all with data security as a priority.
In the findings of the e-book commissioned by Aruba entitled ‘Opportunity at the Edge: Change, Challenge, and Transformation on the Path to 2025’, many interviewees and survey respondents highlighted the sheer scale of the technology ecosystem that IT must manage in an edge environment. The edge represents a massive increase in security risks as every device and network touchpoint becomes a potential point of vulnerability and source of threat.
The InfoSec Institute highlights a number of critical risks that need to be managed, including weak device access passwords; insecure communications; data collected and transmitted by devices being largely unencrypted and unauthenticated; physical security risks for individual devices; and poor service visibility, with security teams unaware of the services running on certain devices.
The solution: an edge with built-in zero trust
With these developments, findings and projections on hand, networks will be more vulnerable to insider hacking than ever before and organisations are forced to adopt Zero Trust and Zero Risk Tolerance models that are built-into their network edge.
Sometimes it takes a while for the market to put a name on what you have been doing for a long time. For those not following the latest in security trends, Zero Trust is simply defined as not trusting either the endpoint or the network in terms of granting access.
When Aruba was founded in 2002, we identified security as one of the key challenges for organisations adopting wireless connectivity. That’s why we introduced a Policy Enforcement Firewall (PEF), a firewall that enforces role-based access control across the network, independent of the method of connection. At that time, the market didn’t call it Zero Trust, but essentially that is what it was: the user or device must be authenticated and once that happens, application-layer IT access is granted based on the role of that endpoint. PEF is the enforcement point.
We’ve shipped millions of Policy Enforcement Firewalls that run on both Aruba access points and gateways. As such, they are embedded in our network infrastructure and protect not only wired and wireless LAN connections, but also anchor the Zero Trust security in our edge-to-cloud Software Defined Branch solution. Our Zero Trust protection is so effective that in September 2019 PEF was the only firewall designated by the insurance industry as Cyber Catalyst based on its demonstrated ability to reduce risk.
PEF is the critical component for Aruba Zero Trust that works in conjunction with other elements of the Aruba network ecosystem to implement the management and visibility needed by both the operations and security teams. Aruba’s ClearPass Device Insight harnesses the power of artificial intelligence (AI) to automatically discover and profile everything that is connected to the network without using device agents, all while furnishing a continuous profiling platform that embeds machine learning methods to detect and respond to any change in that profile. When integrated with ClearPass Policy Manager, access policies with precise IT access rights can be created to define the exact role of that device on the network at that moment in time, thus minimising the attack surface. To close the loop, the policy is passed to PEF for control of wired, wireless and WAN access and dynamically segmenting the traffic. This is how Built-in Zero Trust should be.
It doesn’t take a security expert to know that spearfishing, ransomware and denial-of-service attacks are an ever-present danger and the explosion of mobile devices and IoT are increasing that attack surface and creating an ever widening blind spot. To deal with this threat environment, Zero Trust is a must-have foundational element in any enterprise security system. But remember, you can’t simply paste Zero Trust onto your edge, you must have Zero Trust built-in.
© Technews Publishing (Pty) Ltd | All Rights Reserved