Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

6/24/2020
10:00 AM
Dor Knafo
Dor Knafo
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

Rethinking Enterprise Access, Post-COVID-19

New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. Here are three issues to consider when reimagining enterprise application access.

As we look to reopen the economy, a lot of muscle memory will have to be relearned. The old way of doing things isn't going to make it in the post-COVID-19 world. Too much is on the line, for both employees and customers. Everything is being reconsidered, from entry procedures to foot traffic and flow, to capacity, back-end and front-end processes, online customer service, social distancing, and cleaning.

COVID-19 is an unprecedented challenge for IT departments too. Facing lockdowns and quarantines, organizations are rethinking how they rushed thousands of new users, both insiders and third parties, onto enterprise networks to access critical private applications. In many cases, enterprises also are adding new applications to facilitate online transactions and drive-by service in an effort to deliver contactless customer service. During this crisis, speed and agility were what mattered, and now safety and security are driving the decision-making.

To connect a specific user with a specific set of apps, traditional approaches transport the user all the way to the doorstep of the app with a dedicated tunnel — a VPN. VPNs are permissive, difficult to configure, complicated to manage, and extremely fragile. One slight change in location, device, or operating system and the whole tunnel must be rebuilt from scratch. With a small number of users, devices, and private apps, this is somewhat manageable. But when COVID-19 hit and countless apps, users, devices, and locations needed instant access, it became absolute madness.

How can something so vital to business operations, accessing our own apps, still be so complicated?

Whenever the health crisis of COVID-19 subsides, IT organizations should take the time to rethink how they deliver enterprisewide application access. Crises tend to reveal underlying cracks in an organization. In the case of traditional application access solutions, the pandemic has revealed operational and security issues that are clearly not aligned with digital transformation, the user experience, or the future of work.

Ease of Use Matters
Operational challenges are one of the most persistent challenges that IT teams face. The complexity of multicloud network infrastructure and applications today has led to a tool for every problem. Traditional access solutions have proven to be difficult to deploy and operate. They require new licenses to scale and time-consuming network changes to onboard new users. Post-COVID, we won't have time for that.

What About Zero Trust?
Solutions like VPNs provide too much access, taking the opposite of a zero-trust approach. Users need to be tightly managed, monitored, and controlled. They should not be free to roam once they have gained access. But it is clear that we are largely flying blind, and need better visibility and control not only over user access but each individual request.

Remember Risk?
The security weaknesses of traditional approaches can no longer be ignored. Why are we bringing users on to the network at all? Why are we exposing users to insecure legacy apps?

Here are three considerations for enterprise IT teams to reopen and reimagine enterprise application access, transforming vulnerable apps and networks into zero-trust resources.

  1. Leverage the cloud to isolate the apps completely from the network, making frontal attacks virtually impossible.
  2. Enable continuously monitored, recorded, and controlled zero-trust user access. No more binary decisions at the beginning of the session and free range thereafter. Continuously evaluate user access according to threats and user behavior. No more implicit trust. Application access should be zero trust.
  3. Centralize the access policy and management control of all applications. Ease of use matters.

COVID-19 exposed a lot of weaknesses in the way we enable application access for employees, partners, and third parties. This pain was felt across the board, by executives who wondered about productivity and by users who worried about rationed access. This was felt by IT teams that had to deal with network changes, hardware licensing, and a host of other headaches. Applications remain the lifeblood of business, and employee and third-party access is an issue that is not going away in the new work-from-anywhere world.

Not every change to the way we do business after this crisis will be welcome or particularly helpful. That said, we have learned many lessons during this period of significant business disruption. Access to applications, the foundational tools of business, was put to the test. New approaches will allow businesses to reduce risk while meeting the needs of users, employees, and third parties. That's a change worth making.

Related Content:

 
 
 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really bad day" in cybersecurity. Click for more information and to register for this On-Demand event. 
 

Dor Knafo is co-founder and CEO of Axis Security. Axis Security was founded to solve the problem of secure application access for employees, partners, and other stakeholders. Axis Security delivers a purpose-built zero-trust cloud native security and analytics platform for ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24847
PUBLISHED: 2020-10-23
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
CVE-2020-24848
PUBLISHED: 2020-10-23
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
CVE-2020-5990
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
CVE-2020-25483
PUBLISHED: 2020-10-23
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
CVE-2020-5977
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.