Examine Everything, Trust Nothing to be Future-Verification and Secure

VMware offers a scope of safety items for undertakings. This incorporates Carbon Dark and Work area ONE Insight for endpoint security; CloudHealth Secure State and Tanzu Administration Lattice for cloud security; and NSX scope of items for network security.

This includes Carbon Black and Workspace ONE Intelligence for endpoint security; CloudHealth Secure State and Tanzu Service Mesh for cloud security; and NSX range of products for network security. A veteran with nearly 23 years of experience working with organizations such as Compaq /HP India, Wipro Infotech, and Triveni Engineering, BSN, as he is fondly called, discusses with The Smart CEO the challenges and solutions for security in today’s world of rapid transformation.

In this era of digital transformation, can you share the top three security threats businesses face today?

Once a hacker gets in, you provide what is called east-west security to prevent lateral movement. The second thing is public clouds, which are being increasingly used by developers who are lax about security and make a system vulnerable through misconfigurations, not providing monitoring, giving overly liberal permissions, not enabling encryption, and so on and so forth.

This exposes the whole organization to a big threat, as once malware enters a public cloud-like an S3 bucket of Amazon, it can have access to the entire organizational system. More than two-thirds of the attacks that we see happen are from the end-user devices such as mobile, devices and things like right, especially today. The majority of the organizations are moving towards working from home and may access data even from public places such as airports, and hotels, apart from the office and its branches.

So it could be from edge locations, data centers, public clouds that are SaaS-based applications, and so on. Kindly share your approach to Zero Trust and Context-centric security. Zero Trust was coined by Forrester a few years ago and is about protecting applications and data. Applications are accessed from anywhere and on any device and routed through the network. One of the key aspects of Zero Trust is to connect all these four points – the data, the applications, the servers, and the devices – to give overall visibility into how they are integrated – and use automation and orchestration to the maximum extent possible to minimize human errors.

Today most organizations, especially large enterprises such as banks and telcos, have deployed many security solutions and next-generation firewalls such as IDS/IPS devices, web application firewalls, and secure web gateways. Hackers don’t operate in silos, so it’s very important for organizations too to have an integrated approach to the various threats across functions in a concerted manner. There are three hurdles to implementing Zero Trust successfully: One is the context; it is important to know what you are defending.

So we are not trying to protect just the boundaries of the data center now but also the entire works – public clouds, multiple public clouds, edge locations, and whatnot since the applications today are very distributed and not centralized. Our approach is to use Situational Intelligence, Connected Control Portals, and Security as a Distributed Service. Kindly share the best practices in threat hunting to proactively protect data.

Instead of just hoping that technology flags and alerts you when malware attacks your systems, you apply analytical capabilities and understand the environmental context to more quickly determine when unauthorized activity occurs. This makes network security paramount. It cannot be an afterthought, where you deploy an application code and then think of security.

How can digital transformation technologies help with threat hunting and crisis preparedness?

SASE (Secure Access Service Edge), a term coined by Gartner, is another area of interest as it combines networking and security technologies in the cloud. There are a number of networking technologies and there are a number of security solutions with overlapping dependencies. This will ensure context and identity-based security and will be founded on the principle of trust nothing.

written by: