Quality Assurance and Project Management

Feb 15 2019   11:40PM GMT

DH2i’s New DxOdyssey to Ensure Security for Remote User Access

Jaideep Khanduja

Tags:
Data-security
DH2i

DH2i’s New DxOdyssey, Software-Defined Perimeter (SDP) Software, Promises to Ensure Security for Remote User Access to Cloud Services

An Alternative to VPNs, Which Present Management Headaches and Security Vulnerabilities

From the IT department to the C-suite, data security has become a key priority, driven by business and competitive requirements, as well as regulatory compliance. Until recently, VPNs have been considered one of the most secure methods for the transfer of data. However, recently it has become abundantly clear that in most cases VPNs are unable to meet the security requirements of today’s business environment, nor meet regulatory compliance mandates. And, for many IT departments, VPNs have been nothing but an expensive, time-consuming management headache. Today, I speak with Don Boxley, CEO and Co-Founder of DH2i (www.dh2i.com), about this increasingly critical topic.

Q: The undeniable benefits of the cloud have acted as a catalyst for datacenters to expand beyond their physical walls.  However, this expansion also introduces potential security issues.  Datacenters have typically turned to VPNs – could you discuss the plusses and minuses?

A: Yes, security technology datacenter managers have historically turned to VPNs. They did so because with VPNs datacenter managers were able to give users secure connections to cloud-based services. On the plus side, it’s a legacy perimeter security technology they’re very familiar with. On the minus side, they’re obsolete for the new IoT reality of hybrid and multi-cloud. They weren’t designed for them. They create too large an attack surface. The issues that surround using traditional approaches such as VPNs to secure hybrid cloud environments include:

  • Users/devices get a “slice of the network,” creating a lateral network attack surface
  • Complex configuration requiring dedicated routers, ACLs and FW policies, increasing risk and expense
  • Inbound connections create attack surfaces (e.g. DDoS)

Q: How are these problems exacerbated for organizations that wish to grant strategic partners access to infrastructure and information?

A: Providing such access represents a critical security risk that can introduce a multitude of security threats to your enterprise. Besides the threat of potentially introducing malware into your systems, there are other possible technical and business dangers of which to be aware. First, granting system access to third parties instantly lowers your security level. If a vendor that you invite in has feeble security controls, they now will become the weakest link in your security chain. If an outside attacker compromises that vendor’s system, this malevolent force can use that as a backdoor into your network. In parallel, as that third party’s risk increases, so does yours. Some of the largest and most publicized retail data breaches in history have been linked back to third-party vendors.

Q: What types of solutions/approaches overcome the limitations just discussed?

A: One approach to secure remote user/partner access to cloud services is to deploy a software-defined perimeter (SDP). An SDP starts with the question: Does every remote user/partner really need full access to my network to transact business? An SDP would enable organizations to give remote users/partners access to the specific computing services they need without giving them a “slice of the network.” Or, put another way, if you want to virtually eliminate network attack surfaces, get users off your network by using software-defined perimeters. This would be an essential component of moving the organization’s network to a Zero Trust (ZT) architecture. The analyst firm Forrester defines a Zero Trust (ZT) architecture as one that abolishes the idea of a trusted network inside a defined corporate perimeter. In the case of remote user/partner access to cloud services, ZT would involve the creation of micro-perimeters of control around computing assets to gain visibility into how remote users/partners use services/data across the cloud network to win, serve, and retain customers.

Q: You recently introduced a new software called DxOdyssey. Could you tell me more about it?

A: Sure. This fall, DH2i introduced a new network security software product, DxOdyssey, that is specifically designed to enable the organization to dynamically deploy highly available micro-perimeters to isolate services for fine-grained user access without using a VPN. DxOdyssey was purpose-built to give medium and large organizations the perimeter security model needed for cloud-centric network connectivity with virtually no attack surface.

Q: I believe that this is something that anyone that is concerned with the data security of their organization should check out. Where can one go to learn more?

A: Please visit http://dh2i.com/dxodyssey/ for more information and/or to schedule a live demo.
