Skip to main content

Adaptive Trust Is Needed to Secure the Mobile-First Wireless Enterprise

By: Gamal Emara, Country Manager – UAE at Aruba, a Hewlett Packard Enterprise company

The first priority of defense used to be to secure the perimeter. But changes are shifting the old concept of a fixed boundary in mobile-first wireless enterprises at a particularly dangerous time.

A few years ago, organizations only needed to contend with lone hackers seeking no more than bragging rights for breaching a system. Now, the threat vectors range from global criminals seeking financial gain to nation-states trying to steal trade secrets or blackmail their victims.

And the threats are escalating with attackers increasingly targeting the proliferating number of IoT devices that are coming online. Market researcher Gartner expects that some 6.4 billion “things” will be connected to the IoT this year, up 30% from 2015[1]. That rapid increase also has implications for enterprise security.

Consider, for example, the much-publicized breach of a national retailer a few years back. The attackers gained entry through the systems of an HVAC contractor, which they compromised after an employee of the contractor opened a phishing email. Welcome to the enterprise world’s new security nightmare reality: your perimeter now extends to everyone (and everything) who works for your company’s third party contractors. If that doesn’t wake you up like an ice cold shower, nothing will.

Back in the era of fixed perimeters, it was relatively easy to identify what to trust and what not to trust. Anything inside the perimeter was OK; anything outside was treated with suspicion. But when people and devices are mobile, they move fluidly and freely across the perimeter. Instead of focusing on the perimeter, we have to focus on the user and the user’s apps and devices -- in context.

Contextual understanding means assigning access policies according to the context in which specific users, apps and devices access data resources. You’ll also need to be prepared to address a myriad of new challenges. What kind of device is being used? What applications are on the device? Who is using the device? What time of day is it? From where is the access taking place?

Every one of us can appear quite different to our network depending on the context. For example, if you are a doctor in an operating room accessing medical records, you must be given instant, high priority access. But if you are that same doctor seeking medical data from the Wi-Fi network of a coffee shop down the street, your access privileges could be assigned a lower priority level.

 When trust is weighed and adapted to contextual factors, you have what we call Adaptive Trust. We have implemented the principles of Adaptive Trust in ClearPass, Aruba’s policy manager and in ClearPass Exchange, a central policy engine that enables layers of security thanks to its set of open APIs. A number of partners, including Palo Alto Networks, MobileIron, Intel and Microsoft are part of the ClearPass Exchange ecosystem.

How does this approach work? Recently, one of our partners found one of its firewalls detecting suspicious activity within a network. The cause: an e-cigarette that had been plugged into a USB port for charging. It turned out the device, unbeknownst to its owner, contained malware. When it comes to potential IoT threats, that’s just a hint of what’s over the horizon. Some experts believe that a massive IoT breach is inevitable. However, using a new ClearPass capability called OnConnect, you can now secure IoT devices like sensors that, unlike typical intelligent network devices, do not run 802.1x authentication protocols.

There is a very different perimeter out there. Don’t sit back and wait for the next breach. Get to know that new perimeter -- and adapt your trust accordingly.


Popular posts from this blog

Cloud Computing powering India’s priority of ‘Digital-first country’

By: Sunil Mahale, India MD and VP, Nutanix
Digital transformation has been recognized as being vital to the growth of our nation. This transformation has enjoyed the unanimous approval and contribution from all stake holders including enterprises, MSMEs, government bodies and citizens. But this level of adoption in a country with a population of over a billion people would need a robust technology base that is capable to collecting and distributing vital data seamlessly.
Digital India envisions creating high speed digital highways, that will impact commerce and create a digital footprint for every individual. Technologies based on mobility, analytics, Internet of things and most importantly, cloud technologies are the building blocks for the digital India missionThere is a growing need to manage huge volumes of data, and making them readily available to public through digital cloud services. Cloud has a pivotal role in enabling this change.
While Data centers have become crucial to th…

RevStart launches its RevItUp Incubation Programme

Underlining its vision of creating a nurturing ecosystem for start-ups to grow in, RevStart, a co-working and incubation centre, has announced the launch of its RevItUp Incubation Programme. The 12-week long programme will be held at RevStart Incubation Centre in Noida from July 1, 2018 onwards. As part of the programme, RevStart will select five high potential start-ups from the ed-tech sector, AI, Consumer Internet, Sustainability, as well as for-profit social impact companies to assist them with developing their business, along with connecting them to global mentors across industries and sectors. In addition, start-ups selected for the programme will receive INR 5 lakh to Rs. 25 lakhs worth of cash and benefits, while RevStart will get an equity stake in the ventures.
The RevItUp Incubation Programme has been created to enhance the founding team’s industry, product, and company building knowledge and capabilities through a world-class curriculum. The programme will focus on tailor…

Insurtech startup Kruzr raises $1.3 Million from Saama Capital and Better Capital

InsurTech startup Kruzr has raised 1.3 Million USD (Rs. 9.5 Cr) for its seed round led by Saama Capital with participation from Better Capital. Kruzr is a preventive motor insurance technology which helps insurance companies personalize policy premiums & improve their risk model by delivering an engaging preventative driving assistant to their customers. Kruzr is founded by Pallav Singh, Ayan, and Jasmeet Singh Sethi.

Kruzr blends the power of voice technology and artificial intelligence in its personal driving assistant that helps drivers minimize mobile distractions, drowsy driving, speeding and external risks like weather and accident-prone zones. In pilots with insurers, Kruzr managed to cut down distracted driving by 80%. Kruzr is working with motor insurance companies in Europe, UK and India to bring its technology to their customers to prevent accidents & improve claims.

“Road accidents cause over 1.3 million deaths globally every year, and motor insurance companies los…