Move over VPN, SDP has arrived

About the author

Kurt Glazemakers is the CTO Secure Access at Cyxtera.

In the beginning, the Internet was a comparatively simple system intended for the quick and easy distribution of data amongst a small group of researchers. Today, it impacts and defines every aspect of our lives.

Humans, devices, and advanced technologies like AI are sharing data at volumes and speeds unimaginable at its inception. The Internet also wasn’t conceived with security in mind, so security measures have evolved over time to solve problems as they were discovered. This challenging climate requires us to evolve our security programs to survive.

VPNs have had their day

Virtual Private Networks (VPNs) were introduced more than 20 years ago to enable safe, remote access to the Internet through a point-to-point, secure connection. They achieved this by creating a ‘tunnel’ which could only be entered by suitably encrypted data. While VPNs were fit for this purpose decades ago, they cannot offer protection against today’s complex environment of 5G and IoT, as well as sophisticated attacks like NotPetya.

The scale of today’s security breaches can seriously derail a business. As such, companies cannot afford to hold onto legacy security solutions that don’t provide full coverage. Instead, a new way forward is essential, one that improves security and provides enterprises with superior network access control. Enter the Software Defined Perimeter (SDP).

SDP – a new solution for a new era

The power of the SDP is that it is designed to address the way we use the Internet and the technologies it enables. It does away with the encrypted tunnel and replaces it with dynamic, one-to-one, micro-segmented network connections between users and the resources they have authority to access. This provides security that supports the way businesses need to operate today.

SDP supports a Zero Trust model, which means that each time a user – be they human, IoT device, or AI programme – attempts to access a resource they will have to be authenticated and authorised, using multiple checks, before gaining network access. All other resources that users haven’t been authorised to access will remain invisible to them. This is in stark contrast to traditional VPNs where once someone has access to one part of the network they can see and gain access to everything, regardless of whether it’s relevant to them.

To simplify things, picture a hotel. In a VPN solution, any user allowed through the main doors will be able to access any and all rooms. In contrast, in an SDP solution, a single room will be visible and multiple keys are required to unlock that one door.

Enhanced network access rules

SDPs don’t just deliver improved security, they also simplify network access rules. This is critical as many businesses struggle to keep track of their network access rules and who created them, or have more rules than their limit allows. This creates significant network management problems and security gaps, increasing cyber vulnerability. 

SDP can automatically generate rules for short term access and then delete them when they’re no longer needed. This reduces the number of rules needed, while restricting network access control – both of which increase control and visibility over the network. Furthermore, a full list of rules can be produced within a matter of minutes, simplifying network administration and in particular the auditing process.

Don’t fall behind

The Internet and the technologies that rely upon it have brought a vast range of opportunities to businesses, but also profound new risks. The uses and misuses of the Internet are becoming ever more complex, and this isn’t going to change. 

VPNs temporarily filled the security gap, in the absence of a more sophisticated solution. However, they’re insufficient in the modern climate. Only SDP can provide enterprises with a secure network access solution which also simplifies network administration and improves ease of use. Move over VPN, SDP has arrived.

 


Kurt Glazemakers

Kurt Glazemakers is the SVP Engineering at AppGate. Kurt is responsible for defining the strategy, development and roadmap of the next generation of AppGate's flagship Software-Defined Perimeter solution. Glazemakers was the independent technical expert within the Medina Capital investment team that exercised due diligence prior to the acquisition of Cryptzone in April 2014. Glazemakers is renowned for his extensive knowledge of software development, especially in the Software-Defined network and storage area. Prior to joining AppGate, he served as CTO of CloudFounders, a developer of advanced private cloud technologies for IT as a service (ITaaS) solutions.

He also served as Terremark’s CTO Europe (now part of Verizon), where he was responsible for the development of Enterprise Cloud. Throughout his career, Glazemakers has focused on the development of innovative solutions that increase the availability, security and scalability of mission-critical infrastructures.