Mobile IoT Authors: Liz McMillan, Elizabeth White, Zakia Bouachraoui, Yeshim Deniz, Pat Romanski

Related Topics: @CloudExpo, Mobile IoT, Cloud Security

@CloudExpo: Blog Feed Post

New Kid on the Block: Frictionless Security | @CloudExpo #Cloud

The mobility and flexibility of modern business practice has created a demand to extend any application to virtually anyone

The mobility and flexibility of modern business practice has created a demand to extend any application to virtually anyone. While this can bring many benefits to organizations, such as enabling employees to work remotely, cutting costs by using the cloud to simplify IT deployment and permitting contractors and supply chain members to self-serve their accounts, there is also a dark side.

Think about it: by extending every application to virtually everyone, each users’ specific needs and uses of the application aren’t being taken into consideration. Does every employee really need to be granted remote access, and does each contractor hired really require the ability to enter the entire network? Of course not; after all, applications that are easier to share are also easier to hack.

contact-headerThe problem lies in the way traditional network security is implemented. Firstly, the traditional approach encompasses too many tools and moving parts, making it hard to manage end-to-end, from server to user. Secondly, too many users are relied upon, creating delays and promoting the use of “Shadow IT” when users are too impatient and simply want to get their jobs done. In a world in which everyone wants to share everything, everywhere, this approach doesn’t make the cut.

What’s needed is a fresh approach that views the security of networked applications as software-defined networking, with one point of control to set security flows from end-to-end. An approach that automatically segments sensitive applications with strong cryptography, so only the designated users can get access, dramatically reducing the attack surface available.

This fresh approach is here, and ready for organisations to deploy. It’s called CryptoFlows, the industry’s first solution for crypto-segmentation of sensitive networked applications. Crypto-segmentation means each application designated by an organisation can automatically be protected by strong encryption with its own keys, isolating each application’s traffic and segregating it in its own network with strong encryption. Organisations can directly control who or which user group or role can access each one of those virtual application networks (CryptoFlows), meaning that even if someone makes it past the firewall, they still cannot access sensitive applications if they are not an authorised user.

With more and more organisations adopting a frictionless security model, it’s important for the limitations of the approach to be recognised. Extending applications to virtually anyone associated with an organisation is bad business practice, and essentially puts critical data and applications in danger of being compromised.

Certes’ CryptoFlow solutions are the world’s first production-proven solution for crypto-segmentation of networked applications. For 15 years, not a single Certes customer has suffered a data breach on any application protected by Certes. To find out more, register for our webinar on crypto-segmentation click here.

The post New Kid on the Block: Frictionless Security appeared first on Cloud Best Practices.

Read the original blog entry...

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

IoT & Smart Cities Stories
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
A valuable conference experience generates new contacts, sales leads, potential strategic partners and potential investors; helps gather competitive intelligence and even provides inspiration for new products and services. Conference Guru works with conference organizers to pass great deals to great conferences, helping you discover new conferences and increase your return on investment.
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER gives detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPOalso offers sp...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...