Daily Tech Digest - May 27, 2020

Enterprises look to SASE to bolster security for remote workers

access control / authentication / privileges / security / key"Companies that were on the fence about whether to upgrade to SASE, they're falling over to the 'adopt now' side," says Zeus Kerravala, founder and principal analyst at ZK Research. "If I'm trying to move to a modernized application infrastructure, why am I still using a network architecture designed for client-server from 30 years ago? A lot of my apps are now in the cloud, I've got people working from everywhere. This transition would have happened with or without the pandemic, but the pandemic has accelerated it." While it's too early to tell if adoption spikes will continue after the pandemic abates, individual SASE vendors are reporting dramatic changes so far. Versa Networks, for example, saw remote user traffic increase by 800% to 900% since the pandemic hit. "Around March 22 is when we began to see these stats appear at this level," says Mike Wood, Versa Networks' CMO. Sanjay Uppal, senior vice president and general manager of the VeloCloud business unit at VMware, says that use of the company's SASE network has gone up five-fold since the pandemic hit.

In the communication space, UCaaS is probably the best-known term in cloud communications. When the as-a-service offering arrived, providing access to flexible communications in the cloud, UCaaS was one of the first ways that businesses saw the benefits of this new scalability. In the UCaaS Magic Quadrant, Gartner devices UCaaS as something that can combine the critical factors for communication into a single space. Unlike UC that concentrates heavily on on-premise hardware, UCaaS is more focused on cloud-based services delivered over the internet. ... CPaaS, on the other hand, is very similar to UCaaS, but it delivers a different kind of experience. Just like UCaaS, your technology is delivered over the cloud, and often on a pay-monthly subscription service. However, while UCaaS delivers the entire communication platform to your team in one go, CPaaS allows business owners to develop the solution that suits them. For instance, you might add video collaboration, instant messaging, and voice calls to the technologies that you already use in your landscape. This is possible through the use of sample codes, Rest APIs, developer forums and in-depth documentation. Some companies even offer their own software development kits that are specifically for CPaaS use

 “The move to widespread remote working has required many industries to adopt new cloud services in order to maintain staff communication and collaboration during such a challenging time,” said Nigel Hawthorn, data privacy expert for cloud security at McAfee. “However, it is important to recognise the increased threat from cyber criminals who see opportunity in cloud services that are not managed securely. “Cloud and data security should be absolutely front and centre in informing any enterprise’s cyber security approach – even more so when they are increasingly reliant on the cloud. Without ascertaining where sensitive data resides or how it is used and shared, it is simply impossible for organisations to have an accurate picture of their security posture and where any vulnerabilities may be.” Hawthorn said it was crucial for organisations to recognise their role within the shared responsibility model, making everyone accountable for cyber security, from enterprise IT teams, to managed service providers accessing their networks, down to individual employees.

Rebuilding our broken economies starts with market-level collaboration image
Over the course of its history, the IT industry has pursued a relentless march to optimise the affairs of individual firms, often creating massive inefficiencies and standing in the way of progress for industries as a whole. But in their defence, software vendors have only responded to how firms within markets operate, providing solutions that fit their customers’ fear of sharing valuable data. There is an unspoken invisible line at the boundary of the firm and the market in which it operates that, until now, enterprise software has rarely been able to cross. Gaining market-level optimisation has been unthinkable without also ceding unpalatable levels of control and power to a vendor. So, even when an opportunity to pursue amazing new efficiencies through pooling the operations of an entire market into a centralised shared service arises, it’s extremely hard to justify taking the plunge.

Life in lockdown: Chiara Zuddas, 31, works on her laptop at home in San Fiorano, one of the original 'red zone' towns in northern Italy that have been on lockdown since February, in this picture taken by her husband, schoolteacher Marzio Toniolo, March 27, 2020. Toniolo has been documenting what life has been like for his family since quarantine began for them weeks before the rest of the country. Picture taken March 27, 2020. Marzio Toniolo/via REUTERS THIS IMAGE HAS BEEN SUPPLIED BY A THIRD PARTY. MANDATORY CREDIT - RC2EUF900M5P
Firstly, be aware that working from home represents much more than a change of location. It involves a profound shift in mindset and behaviour. With teams dispersed, we can no longer just turn to the side to check our thinking with a colleague. Instead, we make more decisions in isolation, and this can make us more vulnerable. We are also becoming more used to interacting with certain contacts only via email, which may raise the risk of impersonation and identity theft. In addition, the crisis itself is affecting the way we think. During times of stress and upheaval, humans tend to respond more instinctively and less rationally. Over the past few weeks, many of us have been forced to make instant decisions amid constant change. Such fast thinking has its place, but it can stop us from considering certain situations carefully and rationally and choosing the best way ahead. Finally, the threat of potential hackers is adding yet another source of stress.

"Microsoft was founded on the principle that software was intellectual property," Sinofsky says, making distinctions between the various approaches to software and hardware adopted by Microsoft, IBM, Google, and Apple. He points to the the Altair BASIC interpreter, the first product from Bill Gates and fellow Microsoft co-founder Paul Allen, which they created in the 1970s for hobbyists to program in BASIC on bare metal. Incidentally, Microsoft open-sourced the 1983 GW-BASIC interpreter last week as a historical software artifact. "Times were different when Microsoft started," Sinofsky writes. "There was no network distribution. In fact it cost money (COGS) to distribute software," he said, referring to the additional cost of distributing software compared with the way Google distributes its ad-backed software in the cloud, how Apple ties its software to hardware, and how IBM coupled its software with consultancy fees.

F-Secure’s research teams examined multiple devices, including, but not limited to, the Huawei Mate 9 Pro, the Samsung Galaxy S9 and the Xiaomi Mi 9. They found that the exploitation processes for Android vulnerabilities and configuration varied from device to device, which is important because it implies that devices sold globally offer different levels of security to users located in different countries. More concerningly, the level of security a user receives ultimately depends on the way the supplier configures the device – so two people in different countries can buy the same basic device, but one will be substantially more insecure than the other. “Devices that share the same brand are assumed to run the same, irrespective of where you are in the world,” said James Loureiro, UK research director at F-Secure Consulting. “However, the customisation done by third-party vendors such as Samsung, Huawei and Xiaomi can leave these devices with significantly poor security, dependent on what region a device is set up in or the SIM card inside of it.

Technically applying security with Spring Security in Spring applications is simple. You already implement Spring applications so you know that the framework's philosophy starts with the management of the Spring context. You define beans in the Spring context to allow the framework to manage them based on configurations you specify. And let me refer only to using annotations to make these configurations and leave behind the old-fashioned XML configuration style! You can use annotations to instruct Spring what to do: expose endpoints, wrap methods in transactions, intercept methods in aspects, and so on. Also, you'd like to apply security configurations. This is where Spring Security comes into action. What you want is to use annotations, beans, and in general Spring-fashioned configuration style to define your application-level security. If you think of a Spring application, the behavior that you need to protect is defined by methods.

While smart cities can offer unprecedented levels of convenience to improve our everyday lives they also rely on vast networks of data, including personal customer information to predict our preferences. This has led to concerns around the high levels of data used and stored by smart systems, and the security provided to our digital identity. We know that existing personal and unique identifiers, such as passwords and PINs are no longer secure enough to protect our systems, and this is even more important in hyper-connected cities as, once a city becomes ‘smart’ the inter-connected networks widen, and the potential for cyberattacks or data breaches grows. So as this trend continues, how can we develop smart cities that are both convenient and secure? To resolve this, providers of smart city networks need to establish a chain of trust in their technology. This is a process common in cybersecurity, where each component in a network is validated by a secure root. In wide connected networks, this is vital to protect sensitive personal or business data and ensure consumer trust in the whole system. Therefore, a biometric digital identity should sit at the root of that chain of trust in smart city networks.

There is nothing wrong with monolithic apps in general if the different business functions they support are closely related to each other and they all need to be called in the same transactional context. These different functions also should have the same lifecycle in terms of enhancements and production deployments. But if an application or system needs to support business functions that are not closely related to each other, have different lifecycles of changes, or have different performance and scalability needs, then monolithic applications become a challenge. Application development and support start becoming overhead and a burden when the business needs change at different paces or in different parts of the system. Having a single app responsible for multiple business functions means that anytime we need to deploy enhancements or a new version of a specific function, we must shut down the whole application, apply the new feature, and restart the application.

Quote for the day:

"Each day you are leading by example. Whether you realize it or not or whether it's positive or negative, you are influencing those around you." -- Rob Liano

No comments:

Post a Comment