2018 Goal: Re-position Cybersecurity As An Enabler

How can we improve cybersecurity? How can we reduce risk? These are great questions.

As long as cybersecurity is viewed as a pain, it’ll never be integrated into the fabric of an organization. Fortunately, there have been significant advances in cloud-based security services that enable new ways to embed cybersecurity into enterprise services people want.

Ever wonder why dentists re-positioned themselves as teeth whitening experts? Answer: no one likes cavities and, by association, the people who fix them. Similarly, as long as cybersecurity is viewed as a pain, it will never gain widespread organizational support. Fortunately, there have been significant advances in cloud-based data encryption, endpoint trust analysis and access control that enable security controls to be integrated into the application workflow.  Here are a few enterprise service ideas that will make you a hero in 2018:

Faster Internet @ The Office

Everyone wants faster Internet at the office. However, many enterprises backhaul Internet traffic to their data center to scan for malware as well as enforce usage limits. The backhaul approach is both inefficient from a network perspective as well as problematic since enterprise and Internet traffic are mixed together allowing for lateral moving cyberattacks.

As opposed to backhauling traffic, consider a new generation of cloud-based trust assessment and machine learning endpoint protection solutions – these have proven to be as or more effective than appliance-based solutions. Next, implement a software defined perimeter to create secure enclaves within your data center to protect enterprise apps from malware and inside attacks as a second line of defense. And if you still want to monitor usage, there are a number of cloud-based security brokers. The key thing is providing users the best Internet surfing experience while keeping risky traffic out of your data center.

Personal Phones For Corporate Apps

Everyone wants to utilize their phone to access corporate apps. Unfortunately, personal phones are basically impossible to protect from malware, which is why many enterprises have taken a hardline stance against them. The current approach of providing a free company phone, while simple, is viewed as cumbersome. Additionally the company phone approach doesn’t work for supply chain partners who need access to corporate apps.

Deploying enterprise apps in a secure enclave in a public cloud is a simple way to enable personal phone usage as the compute environment is physically and logically separated from other applications.  In the past, public clouds were considered not to have the reliability or security to handle enterprise apps, but that is no longer the case. Features such as integrated load balancing and transparent data encryption offer protection equivalent to legacy data centers. For the new apps that cannot be easily ported to the cloud, utilizing a cloud-hosted application layer connection from the mobile device to the data center is another solution to allowing personal devices.

Work Anywhere Telecommuting

People want to work from home without appearing so to their co-workers or customers.   The key to making telecommuting seamless is allowing the same level of access to applications and data both inside and outside the “perimeter”. However, most enterprises have strict guidelines on the movement of sensitive data outside their walls, which has made true telecommuting a dream.

Public clouds now are able to support self-contained secure enclaves where a hosted virtual desktop is used to access a protected application via a role-based access control solution. Multi-factor authentication on the personal compute device ensures that it is in the possession of the authorized user. The combination of interlocked security controls ensures that only users with an authorized device can access the virtual desktop (from which data cannot be exported).

By packaging your cybersecurity projects as enabling faster Internet, easier mobile phone access, and flexible work environment you will get the political and financial backing of the entire organization. Even if none of these ideas are right for your organization, consider the value of packaging cybersecurity into enterprise services that users want. You’ll be more successful in advancing new security controls while making your organization safer.

What do you think?

3 Ways to Mitigate Insider Threat Risk Prior to an Employee’s Departure

Thoughts from a seasoned IT professional and security rookie