Is the Internet Really a Cesspool of Malice?
Industry analyst firm Gartner recently published a report entitled “It’s Time to Isolate Your Services from the Internet Cesspool.” This article explains why a Software-Defined Perimeter approach is needed for business applications that are exposed to the Internet – a topic that we’ll talk about momentarily – but let’s first dive into the metaphorical cesspool!
I think that anyone who has spent any time whatsoever looking at forum comments, dealing with trolls, or navigating the proliferation of fake news would agree that the internet is, sadly, a cesspool. But let’s not focus on the dark aspects of human nature, and instead concentrate on the threats that internet-facing business services are exposed to. We’ve certainly seen a recent example of how broadly and quickly a vulnerability can be exploited – the Mirai botnet is estimated to have infected over 300,000 devices, and just this week a security researcher witnessed a webcam being infected by the malware only 98 seconds after connecting it to the internet!
Of course, it’s not all doom and gloom on the internet, and I personally recommend avoiding comments sections or other troll-heavy domains for sanity’s sake. As we’ve seen, businesses can obtain tremendous value through better connectivity with customers, partners, suppliers, and employees. But this connectivity needs to be secure. In today’s heightened threat landscape (avoiding the cesspool metaphor for the moment), organizations simply can’t use traditional network security tools to protect these critical business applications. To quote Gartner, “network designs that expose services and accept unsolicited connections present too much risk. Not meant for a complex and interconnected world, they’re now obsolete.”
The Software-Defined Perimeter (SDP) is not just a new technology, it’s a new approach – and we heartily recommend viewing SDP as a catalyst for re-thinking your network security architecture.
To quote the Gartner report once more: “Favor software-defined perimeters (SDP) and other isolation technologies capable of precise, context-based, application-level access only after successful authentication.”
Our vision of fine-grained, dynamic, and policy-driven access control across a hybrid infrastructure – and driven from a single dashboard – can be accomplished today. And because we embrace the heterogeneity of today’s enterprise, SDP can (perhaps paradoxically) be deployed incrementally without invasive infrastructure changes.
*[Gartner, It’s Time to Isolate Your Services From the Internet Cesspool, Sept. 30, 2016].