Certes webinar securing the frictionless enterprise

1. Webinar: Securing the Frictionless Enterprise Welcome

2. Our Speakers 2 Jason Bloomberg, President of Intellyx & contributor to Forbes - Presenter Satyam Tyagi, CTO of Certes Networks - Presenter Adam Boone, CMO of Certes Networks - Moderator Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

3. Root of the Hacking Crisis 3 “Trusted” Network No encryption IPsec HTTPS SSL#3 Access Attacks SSL#4 No encryption SSL#1 SSL#2 Yippee! Oh no!We digitized everything! We digitized everything! Yippee! Yippee! Oh no! Oh no! We can share everything! Everybody’s mobile! We can share everything! Everybody’s mobile! Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

4. The Common Vector 4 “Trusted” Network No encryption IPsec HTTPS SSL#3 Access Attacks SSL#4 No encryption SSL#1 SSL#2 Every major data breach in the hacking headlines has a fundamental architecture exploit in common Failure of proper segmentation and isolation of networks and applications Once a single user or resource was compromised, hackers could move laterally to the most sensitive applications Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

5. The New Risk 5 We are only as secure as the least secure of … Employees Partners Supply chain members Contractors … who have app access Opening applications for sharing means opening for potential hacking We put locks on the external doors, but anyone can go anywhere inside Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

7. About Jason Bloomberg • President of industry analyst firm Intellyx • Agile digital transformation thought leader • Write for Forbes, several blogs, biweekly newsletter the Cortex • Buy my latest book, The Agile Architecture Revolution Copyright © 2015, Intellyx, LLC7

8. The Frictionless Enterprise • Technology extends beyond the corporate perimeter • Customers demand high- performance, end-to-end capabilities • Business and technology ecosystems become central organizing principle Copyright © 2015, Intellyx, LLC8 Reducing friction for borderless enterprises PhotoCredit:RyAwesomehttps://www.flickr.com/photos/ryawesome/

9. The Dark Side of the Frictionless Enterprise • Sharing applications means exposing them to hackers • Securing systems and data isn’t enough • Security for end-to-end digital applications requires new approaches to cybersecurity Copyright © 2015, Intellyx, LLC9 More open means less secure PhotoCredit:AbulicMonkeyhttps://www.flickr.com/photos/abulic_monkey/

10. The Limitations of Network Segmentation • There are no more “safe zones” • Perimeter security woefully inadequate • Network segmentation is part of the solution – Leads to fragmented patchwork – Doesn’t work well with borderless apps – Infrastructure-centric, not business-centric Copyright © 2015, Intellyx, LLC10 PhotoCredit:PaulArpshttps://www.flickr.com/photos/slapers/

11. Anatomy of the Target Breach • Attack compromised credentials of HVAC contractor • Hackers moved laterally, installed malware • Attack took months, went undetected • Stole millions of credit card numbers Copyright © 2015, Intellyx, LLC11 PhotoCredit:MikeMozarthttps://www.flickr.com/photos/jeepersmedia/ Firewalls didn’t help

12. Borderless Enterprises Require Borderless Security • Application security must be decoupled from network infrastructure • Secure applications across clouds, third party components, etc. • Threat mitigation becomes business concern – Business establishes security policies Copyright © 2015, Intellyx, LLC12 PhotoCredit:MarcMajcherhttps://www.flickr.com/photos/majcher/

13. Security in a Post-Trust World • Can’t trust any network or any user • Breaches have already occurred – How to contain damage immediately – Even before you detect & repair it • Business-centric segmentation – Cryptographically isolated – Driven by business policy Copyright © 2015, Intellyx, LLC13 Software-defined compartmentalization for the frictionless enterprise PhotoCredit:LyndsayEssonhttps://www.flickr.com/photos/98198789@N02/

15. CryptoFlows Securing The Frictionless Enterprise Satyam Tyagi, CTO CertesNetworks.com

16. Current State: Industry Response More of the Same The Truth is it will never be Zero Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs 16 “Entry is often extremely quick, as one would expect when exploiting stolen or weak passwords. Most often it takes weeks to discover, and that’s based entirely on when the criminals want to start cashing in on their bounty.” – Verizon DBIR 2014 Security Industry is trying to address this “Discrepancy” by trying to “reduce this gap”

17. • Traditional Security Strong Perimeter: Threat prevention via firewalls • Current Generation of Security Threat Detection and Response: Monitoring and Analysis of signatures, behavior, sandbox • Next Generation of Security Threat Containment: Crypto-Segmentation • Cryptographic segmentation of sensitive applications • Role based controlled access Minimizing breach damage by blocking lateral movement Threat Containment: Crypto-Segmentation CertesNetworks.com Threats Contained Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs 17

18. Principles of Segmentation • Where do you draw the lines to segment?  What is it that you are segmenting?  Networks Infrastructure or Business Applications • Who is granted access inside the segments?  What checks, verification and criteria are used to allow access?  Trusted Networks, Trusted Device serial numbers or User identity and role • Who defines the segments and access policy?  In or outside the organization, which teams define policies?  Field network engineers, service providers and contractors or Security officers 18 Internet DMZ LAN WAN CRM Code Billing Sales Engineering Contractor Trusted Network Trusted Device Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

19. CryptoFlow Role-based Access to App Crypto-Segments 19 Crypto-Segmentation Architecture Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

20. CryptoFlows in Action 20Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs • Apps are individually, cryptographically isolated in their own crypto-segments • Users are granted access based on their roles and authorization policy • The Possibility of Lateral Movement is eliminated • A compromise of one user is contained to only what the user has access to, and does not spread to everything

21. CryptoFlow: Crypto-Segmentation • Where do you draw the lines to segment?  Lines are drawn around business applications • Who is granted access inside the segments?  Only users with their business role authorization get access to applications that they need • Who defines the segments and access policy?  Security officer manages all policies  Enforcement is with cryptography (keys) • Why it succeeds?  Business centric end to end security, enforced with strong cryptography, under control of security office 21Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

22. Start: Question the Status Quo  What are your business-driven security requirements?  What happens when they change/evolve?  Does the current security architecture help or hinder?  How does it hold in the BYOD, Mobile, Cloud? What happens when a breach takes place? 22Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

23. How to Apply Crypto-Segmentation  Make a list of your current applications  Prioritize most sensitive applications  Determine which user roles need access to what  Crypto-segment along these dimensions You have to start with business needs and work backwards towards security, and not let security infrastructure deficiencies force business practices. 23Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

24. CLICK TO EDIT MASTER TITLE STYLE Thank you! The white paper and slides will be emailed to you within 24 hours. Watch CryptoFlow Solutions in Action: https://youtu.be/RUIWhTgCNCs

Certes webinar securing the frictionless enterprise

Du liest eine Vorschau.

Hier ansehen

Certes webinar securing the frictionless enterprise

Weitere Verwandte Inhalte

Diashows für Sie (20)

Ähnlich wie Certes webinar securing the frictionless enterprise (20)

Weitere von Jason Bloomberg (20)

Aktuellste (20)