In this Expert Corner, inSOC CIO Jeff Gulick talks with John Peterson, Chief Product Officer at Ericom. Peterson specializes in Zero Trust technologies and solutions in Silicon Valley, California. Peterson has 30 years of experience in serial entrepreneurship, cybersecurity, and networking.
As MSP Cybersecurity builds, MSPs will need to increase their cybersecurity client resources in 2021.
Here are six key points MSPs need to know:
1. Internet-Exposed RDP Access (Which Allows Employees to Work Remotely) Is Under Nonstop Attack
Global cyberhackers are taking advantage of weaknesses in high-risk, unhardened remote access technologies, which are intended to allow remote workers to access internal servers and systems. The massive corporate pivot to remote work creates gaps in security protection, with employees and managers under constant attack, according to John Peterson.
The security gaps are driven by legacy solutions like VPN, IPsec, and Internet-exposed RDP ports, which were never designed for this full-scale shift. “Yes, it was a temporary solution to get remote access enabled, but we’ve built a larger attack surface for hackers,” Peterson said.
Since cybercriminals often creep into systems undetected, employees don’t even know to report the problem.
“And if you think about COVID again, we’re all working from home, let’s say that my computer is on my home network and the kids are in the other room downloading whatever they download or playing video games and their machine gets infected and spreads to my machine in my home network. And then I use my home network to attach to the corporate network, now you have ransomware spreading potentially everywhere because of that,” Peterson said.
The Zero Trust Network (ZTN) model blocks devices that are either unauthorized or not security compliant, and even for permitted devices it narrows employee access to the specific areas related to their positions.
2. Legacy Cybersecurity Strategies Are Losing Ground
Ten years ago, security worked when everyone was in the building. The applications and programs sat in a data center or wiring closet somewhere inside the building.
And in that kind of environment, you have a castle and moat architecture and mentality about your sensitive data assets. “You’ve got all of the applications hosted inside the castle, and occasionally people need to come in from the outside and you build this moat around it. And that moat basically became the security layer,” Peterson said.
But with COVID, everybody is outside the castle. So applications are everywhere, users are everywhere. “You can’t really build a perimeter around your castle with firewalls and intrusion prevention systems and think you’re securing things because those things aren’t there anymore,” Peterson said.
Additionally, many companies run VPN as a device-to-network connection. Once you are on the network, you are inside the castle, and you can go to every room in the place. So really the world is now trying to figure out how to enable users to access applications wherever, whenever, but do it in a more secure way than before.
Zero trust says, “No you can’t just attach to the network and you’re now on the subnet as if you were sitting in your cubicle and can ping everything in the building.” You’re really zoned into only specific applications and programs needed for your job.
In the case of VPN, your SOC service needs to spend more time and energy monitoring for ever-increasing and skilled cyberattacks.
3. Zero Trust Network Sees Everyone as a Threat, Including You
A company’s investment in ZTN protection strategies means seeing everyone’s laptop, email practices, and access as a threat. ZTN works to mitigate attacks by using a proxy to validate your identity and broker the session. But companies must recognize the potential for every person, including the CEO, to expose the company to massive damage with only one small mistake.
One of the most notable examples is contractors, who need access to do their work but use external technology to complete jobs. Companies sometimes give their contractors more access than is required.
“You only want to give that contractor access to the specific applications within that castle, and only give them access to that during the time when he needs access to that. So when he logs on and he’s using them, that’s great. Give him access just to that. Everything else is dark. And then when he disconnects, there’s no longer an always-on access policy in place,” Peterson said.
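The contractor policy described above, as an added example that is not from the interview or from any Ericom product: a minimal session broker that checks device compliance, per-application entitlement and a time window, and drops the grant on disconnect. All user, device and application names are constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, time

@dataclass
class Broker:
    # All users, devices and app names here are constructed sample data.
    entitlements: dict        # user -> {app: (window_start, window_end)}
    compliant_devices: set    # device IDs that passed posture checks
    sessions: set = field(default_factory=set)  # live (user, device, app) grants

    def connect(self, user, device, app, now):
        """Grant a session only if every check passes; the default is deny."""
        if device not in self.compliant_devices:
            return "deny: device unauthorized or non-compliant"
        window = self.entitlements.get(user, {}).get(app)
        if window is None:
            return "deny: app not entitled"
        if not (window[0] <= now.time() < window[1]):
            return "deny: outside access window"
        self.sessions.add((user, device, app))
        return "allow"

    def disconnect(self, user, device, app):
        """Drop the grant so no always-on access remains."""
        self.sessions.discard((user, device, app))

    def may_send(self, user, device, app):
        """Per-request check: traffic is brokered only for a live session."""
        return (user, device, app) in self.sessions

def demo():
    broker = Broker(
        entitlements={"contractor-a": {"billing-app": (time(9), time(17))}},
        compliant_devices={"laptop-17"},
    )
    at = lambda hour: datetime(2021, 3, 1, hour, 0)
    results = [
        broker.connect("contractor-a", "laptop-17", "billing-app", at(10)),
        broker.connect("contractor-a", "laptop-17", "hr-app", at(10)),
        broker.connect("contractor-a", "home-pc", "billing-app", at(10)),
        broker.connect("contractor-a", "laptop-17", "billing-app", at(20)),
    ]
    results.append(broker.may_send("contractor-a", "laptop-17", "billing-app"))
    broker.disconnect("contractor-a", "laptop-17", "billing-app")
    results.append(broker.may_send("contractor-a", "laptop-17", "billing-app"))
    return results

if __name__ == "__main__":
    print(demo())
```

Only the first request is allowed; the unlisted application, the unmanaged device and the out-of-hours attempt are all denied, and the live session stops passing traffic once the contractor disconnects.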
4. Innovation Such as ZTN Is Needed
Following the SolarWinds hack, major companies, including Microsoft, are praising the power of ZTN. ZTN is a conscious decision not to trust anyone to protect the whole. But it’s also an architecture that layers the best of security while limiting access. With cybersecurity news outlets estimating 2021’s cybercrime costs at $1 trillion, the costs are increasing at an alarming rate.
ZTN is designed especially around protecting the most critical information, mapping user routes, building the architecture, establishing and communicating policies, and then monitoring and maintaining its systems. It can be created with existing components or with added measures to increase security.
5. ZTN Improves the User Experience
Imagine a work world without passwords.
Whereas companies often require dual authentication, including a password, ZTN, when deployed properly, means employees click on something and it will work, Peterson said.
“So I think if zero trust is deployed properly, it can make the user experience very easy because you can make it as simple as you click on your application, it just works, and the user is not really concerned about what’s going on under the hood,” Peterson said.
“Let me tell you what I’m a big fan of and one of the things that I’ve built into some of the products that I’ve created is getting rid of the password. So single sign on is there for certain purposes, but should not be there for everything. And if you could get rid of the password, you can make your environment more secure,” Peterson added. Passwords tend to stay stagnant too long and are often variations of easy words people can remember, which makes them more vulnerable.
6. MSPs See Increased Influence and Profit by Leading the ZTN Future
As MSPs increasingly offer security services, early adopters of ZTN will benefit through their leadership. The existing security measures will increasingly crack under the weight of people working remotely. But the ZTN process will improve and refine itself by using layered technological controls while still sticking with the foundational security elements, such as the Top 20 Critical Security Controls. Working with a SOC to enhance strategies, MSPs will offer gold-standard services for reasonable prices.
Contact us for more information on how inSOC can help you adopt, control, and monitor a ZTN security environment.