How have you secured your network in a perimeter-less context?

ArchitectureStrategy
431 viewscircle icon3 Comments
Sort by:
CEO in Manufacturing4 years ago

The critical thing is the ability to actuate. So from the network standpoint, the internet was built on 4 million IP addresses, IPv4. And now you have IPv6 and all these ads. It's getting huge. No matter what, there has to be something that says at that node, I know who it is in there, what permissions they have and I can lock it down as quickly as possible. You need the zero trust aspect coupled with cognitive AI, and I use cognitive very specifically. Because if a bot's going through a script, it isn't cognitive.

It's doing these steps in that manner. But if there's something that can understand, adapt and interpret, learning as it goes, then you've got people that can see what it's learning to do, and you see the threat factors come back, then you can tune it further and truly scale. I see it as a combination of those two, because the network is absolutely critical. I remember Scott McNealy at Sun saying this in 1992 - There is no privacy, get over it.

Every network node, doesn't matter what it is, has to be secured in that manner. And you have to scale using cognitive AI to handle it. People aren't going to be able to do it themselves, there's no way to scale with humans.

Lightbulb on2
SVP in Finance (non-banking)4 years ago

I've directed my teams to really secure the endpoint and user. The breaches I've seen are with edge computing, the biggest example being that you get phished and your user’s local endpoint gets compromised. The bad actors have access to it, and depending on your configuration, if the user had local admin rights, now the bad actors can get hold of the network and do all kinds of things by running scripts and PowerShell. 

First, separate local admin accounts from normal users and don't allow login using those admin accounts. Then restrict the ability to run scripts so that it’s extremely difficult for bad actors to take control of the endpoint, which has become the source of unauthorized access to the network. Your intrusion detection system (IDS) and your intrusion prevention system (IPS) are going to work. That's not how bad actors are getting in. They're getting in through the endpoint. I'm focused on implementing two-factor authentication and making it hard for intruders. 

Take away local admin rights. If they need local admin rights, then create a different ADM account and don't let them log in with those. Disable PowerShell and scripting. If you're going to enable it, make sure you're monitoring it. If you do those things, you're making a breach that much harder and protecting your network because you're securing the number 1 source of breaches. It's never fully secure, but you're increasing the difficulty for intruders.

Lightbulb on2
Sr. Director of Security Engineering in Software4 years ago

I spent 5 years at Illumio, so I'm a little biased towards micro-segmentation as a security strategy. If you could segment your applications, networks, and endpoints from each other, you should. If you don't have a need to access that web server, then why do you have the ability to access it? So obviously some segmentation is critical.

Lightbulb on2

Content you might like

I am looking for insights on establishing an Architecture Review Board (ARB) within our organization. As we aim to enhance our architectural governance and ensure alignment with our strategic objectives, we recognize the importance of setting up an effective ARB. To this end, I would greatly appreciate your guidance on the following aspects:       1. Establishing a Charter: What key elements should be included in the ARB        charter to clearly define its purpose, scope, and authority?       2. Member Selection: What criteria should we consider when selecting members for the ARB to ensure a diverse and knowledgeable board?       3. Review Process: Could you share best practices for structuring the review process to ensure thorough and consistent evaluations of architectural proposals?       4. Decision-Making: What are effective methods for making decisions within the ARB, and how can we ensure transparency and accountability?       5. Documentation and Communication: What templates or tools would you recommend for documenting reviews and communicating decisions to stakeholders?      6. Measuring Success: How can we establish criteria for measuring the success and impact of the ARB on our architectural practices? Your expertise and experience in this area would be invaluable to us as we embark on this initiative. Any additional insights or resources you could provide would be greatly appreciated. 

Read More Comments

Are you currently using or planning to use one of these cloud-based testing solutions? Choose all that apply.

AWS Device Farm27%

BrowserStack26%

Google Firebase Test Lab29%

Kobiton19%

LambdaTest24%

pCloudy15%

Perfecto13%

Sauce Labs10%

Xamarin Test Cloud8%

Other cloud-based testing8%

N/A7%

View Results

Procurement of bitcoin in ransomware situation.  What are folks doing to prepare for the need of a large purchase of bitcoin in the need to pay ransomware. Yes ideally we would take the "we'll never pay approach" however, I think it's important to be realistic and in certain circumstances you may need to cross that line. 
Are you tied into a retainer of some sort with an exchange or Bitcoin holding firm?

Read More Comments

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Read More Comments

In the next 6 months, which will your company do?

Invest more in eCommerce34%

Maintain the current investment in eCommerce60%

Invest less in eCommerce4%

View Results