The growth in mobile computing and BYOD, combined with the steady migration to the cloud, has had a direct impact on where enterprise applications are hosted and the need for them to be accessed easily and securely.
Where previously organizations held applications on the corporate network behind a protected perimeter, with access tightly controlled by the IT department, today’s digital ecosystem demands an altogether more rapid, seamless and open approach.
An array of hardware and software solutions, including Application Delivery Controllers (ADCs), Virtual Private Networks (VPNs), identity management and application monitoring software have allowed enterprises to deliver application access remotely for over twenty years. Yet this method has limitations and the situation has been further complicated by the security risks inherent with the network architectures that enable remote access to enterprise applications - broad network connectivity can significantly increase an enterprise’s attack surface.
While providing secure enterprise application access has always been important, it is now coming under increased scrutiny with the impending arrival of the Global Data Protection Regulation (GDPR), which comes into force in May 2018. The new regulation will demand that organizations ensure that personal and sensitive data is secure, regardless of where in the organization it is held, whether on the cloud or in a data center. Not reporting a data breach that leaks personal and sensitive information can have a financial impact on the organization as well as severe consequences for its business leaders.
All of this means organizations need to consider five key issues in the enterprise landscape that will frame their decisions regarding application access in the future.
1 - Who needs access?
For some apps its employees, for others its partners and third party stakeholders, on whom we are increasingly relying to drive business forward. With each partner added to the ecosystem outside-to-inside access rules have to be put in place in perimeter firewalls to allow access to apps. This can create weaknesses and security risks: to date these have been managed by adding more layers of security, but every layer that stops malicious traffic entering also comes with its own complexity, cost, and has not obliterated the problem.
Some enterprises simply limit the resource to the user so they can get the job done. However, this approach doesn’t work for those organizations using VPN, for example, which allows broad access to the corporate network.
2 - Taming mobility
Enterprises have extended trust to mobile devices and encouraged BYOD, sometimes to their own cost. Technologies like Network Access Control (NAC) and Mobile Device Management (MDM) have been used to ostensibly bring users inside security perimeters but the installation of clients and certificates on the devices are merely extending the perimeter to more external users. They are also unable to stem the dangers posed by malware that can silently take over a device.
IT teams have been under tremendous pressure to establish trust with user devices, and security is, if anything, weaker, rather than stronger, as a result.
3 - On the cloud
Moving to the cloud has many advantages in terms of agility, flexibility and cost, but it doesn’t provide low-level control of the network components and servers. Additionally, of course, users cannot physically be ‘in the cloud’ – everyone has to come in from the outside.
Very few companies have just one cloud, they have Virtual Private Clouds (VPCs) which can be created and torn down in minutes. Each is its own network with a perimeter. With traditional application access solutions, security and policies would be controlled on a per-VPC basis. If access is via a VPN, for example, there would need to be a VPN termination point in every cloud. This means that users would need to run multiple VPNs on their devices and know which one to use to access each VPC and the app they are looking for. It’s complex and the only alternative is an overlay wide-area network that connects all the VPCs, which is very costly.
4 - Zero-trust models
Trust is based on knowing and being able to identify the person, but how can we be sure that trust has not been compromised? We can use username and password identity with two-factor or multi-factor authentication, but malware outbreaks have redefined the trust relationship that enterprises have with user devices.
If we can’t trust devices and users, we can’t use VPNs which allow users to punch through network perimeters. A zero-trust approach means that giving internal network access to anyone becomes a security risk. Even amongst those who are initially trusted, this can be transient and of minimum duration and scope.
5 - SaaS-ification of IT apps
We live in a SaaS world – think of Facebook, Gmail and Uber – we can access them on any device, anywhere. The same trend that has gained such popularity with consumers is also underway with enterprises. Easy and simple interfaces, such as Microsoft Office 365, provide users with the applications they need.
The challenge is that users want the same experience accessing all of their non-SaaS apps and this is easier said than done. In addition to the security measures of a traditional enterprise perimeter, SaaS companies have had to front-end their applications with Internet-scale protection from DDoS attacks, add acceleration to mitigate performance and latency issues and add specific application-layer attack protections. New access architectures must meet the expectations of users and deliver private apps as if they were SaaS with the same level of protection that they require.
Enterprises need a new architecture that delivers a simpler, more secure way of accessing enterprise apps behind the firewall. It needs to separate and isolate access to the underlying network and provide access to only the applications users need to get their work done – nothing else on the network. What this will do is create an air gap between private enterprise applications and infrastructure, and the Internet - which minimizes the attack surface and makes enterprise infrastructure invisible to the public.
There should be no inbound open tunnels or ports to the enterprise and the model should ensure trust is device-independent, transient and of minimum duration and scope. Dependency on the infrastructure between the user and the resources they need has to be eliminated, and of course, it must meet user expectations for ease, high performance and accessibility.