Cloud Hosting

The nature of endpoints in IT terms has changed significantly in the last 10 to 15 years. Back in the early noughties, so-called thick applications were installed on users laptops (if they were lucky enough to own such a luxury item!) or on a desktop in the workplace. For cybersecurity teams, it was all about protecting what was installed on the system and the perimeter encompassing the clients LAN.

In the last 15 years, we have diversified from how that worked. The situation has almost gone back to the very early days of computing where mainframe or Meta-Frame (early Citrix Virtualisation) systems were used for hosting applications and data, and users addressed services through thin clients.

Today most applications and services are hosted in the cloud the latter-day mainframes or can be co-hosted, with low-overhead processing on the device and heavy-lifting done in a remote datacenter somewhere out there.

Todays internet connection speeds mean there is little difference in responsiveness between operating remote instances and local monolithic apps. Just as well, given that a decent proportion of the population finds itself suddenly working at home. That means protecting cloud services, cloud access, remote endpoints and data in transit become as important as safeguarding perimeters. Like Elvis, endpoints have left the (office) building, and while the central working-space show may be over for now, it just highlights the fluid nature of what cybersec teams have to protect.

To help us explore the changing picture of endpoints and cybersecurity practices, we spoke recently to Joseph Carson from Thycotic, a leader in privileged access management (PAM) solutions in Australia and New Zealand, and Asia. Joe is Chief Security Scientist and Advisory Chief Information Security Officer at the company and a cybersecurity expert with over 20 years of experience in the industry.

Thycotics expertise is in providing security based on risk risk posed by outside attackers on an organisation, but also the risks inherent in users having privilege-determined access to information. Its platform helps enterprises simplify what are often highly complex security toolsets.

With the company named as a leader in its field by top IT security analysts, the CISO at Thycotic has to know their craft. So, if anyone has the inside track on how organisations might reassess their security policies formulation with regards to newly defined endpoints, its Joe. We began by discussing the multiple accounts and services people access to get a days work done.

Endpoints are no longer just the devices, theyre hosted everywhere, he said. And that means that since internet access became vital for a lot of devices to function, so it means that the access, communication and traffic become important. [A user needs] a multitude of credentials and authentication to be able to access those applications. And thats where we start seeing a lot of things like Single Sign On, and privilege-based access security. [Those] really help manage those complexities of authentication and authorisation.

Joseph told us not to come at the cybersecurity issue from individual endpoints standpoint but rather to begin with a comprehensive and continuous risk assessment of the data and how it is accessed. After all, its what cybersecurity is designed to protect. Our job in cybersecurity is to help reduce the risk to the organisations business and help employees be successful.

First of all, before you get to any of the final decisions about implementations and strategies and controls, you have to understand what is [an organisations] risk? If I have a service, and that service isnt available for a day, whats the cost to the business? Can the employee do anything? And then the second part is getting the balance between productivity and security. You know, you should never sacrifice one or the other. So, its always finding that balance. In my mind, we need to get security to work so that means making security so its usable.

The second part of the cybersecurity puzzle has always been an issue for IT teams: a scale with extremes comprising byzantine protective systems making daily working tools unusable for most and a liberal approach that promotes freedom but leaves the stable door wide open. And, we suggested, isnt there also a big part for employee education in cybersecurity issues?

Joe told us that educating the users remains valuable, but that is exactly what cybersecurity teams have been trying to do for 20 or 30 years. And they shouldnt stop now! Thats a continuous thing, thats not something you should stop doing. We want better educated people to be able to visually identify risks and report them. Because when you have people in the front line that can actually report instances earlier, the better an organisation will be at reducing the risk.

Human defences are not the whole story at least not in a risk-based cybersecurity strategy like one that Joe continuously helps educate companies all around the world today

At the same time, we want to make sure that when they click on the link, [] the security controls in the background will work for them [and] bring important information to the foreground than they need or report it for additional checks in the background. The more we move security to the background, and where we make security work automatically and seamlessly, the better it is for the user.

Source: Thycotic

It is not just users in the enterprise who connect to networks, thereby, to one degree or another posing a threat to an organisations systems and data integrity. Today many thousands of devices attach through a network: the internet of things exists to a greater degree than many people imagine, and ensuring that machine security and identity is part of the risk assessment is a critical part of cybersecurity practice.

We discussed an example of an IoT network in which one device might drop off the radar then reappear a few hours later. In an intelligent, adaptive cybersecurity framework, such an event should raise a red flag until such a time as the reasons for the outage can be determined.

Aside from internet of things devices and cloud applications redefinition as endpoints that need cybersecurity consideration, 2020 and 2021 have writ large the BYOD issue. Or, as Joe terms it, bring your own disaster or soon to be bring your own office.

Many millions of words have been written (on this site alone) about the different ways in which organisations can help their users demarcate between work and personal applications/workloads on their tablets and phones. However, the Thycotic approach is a great deal more finely tuned.

For me to access my works email, it might be perfectly fine to authenticate with a username, password, and a multi factor authentication. Now, if I want to go and access, lets say, customer data, then the security control that I satisfied for my email is no longer just satisfactory. So, I cant just now move across and use the same security controls to access sensitive data. We refer to as leveling up, that you have to then level up or satisfy more security controls.

An example came up of how the Thycotic companys security controls worked (it takes its own medicine in that sense) on a granular level. Joe told us how, on a business trip outside his adopted homeland of Estonia, he got a notification from his team. Hed been attempting to access secure information from a different country behaviour the Thycotic automated systems had flagged as anomalous against the companys predefined policies.

Even though some of the technology used in situations like this is extremely complicated under the hood, Joe reaffirmed that for the end-user him, in this case simplicity was vital:

One of my mentors and bosses many years ago said that security should be like a light bulb or like electricity. You hit the switch, and you dont need to know the complexity in the background, it just works for you.

For further reading, we recommend this eBook, The Definitive Guide to Endpoint Privilege Management (EPM), plus theres a webinar to get involved in too. Both highly recommended.

Read the original here:
Thycotic commentator: your endpoints just followed Elvis out the building - Tech Wire Asia