Normally, these data breaches occur when a hacker manages to gain access to a company’s internal network and their servers. This gives them almost free-reign over the company’s IT system and can lead to enormous damage. However, Cyxetra, based in Coral Gables just outside Florida, believes its new AppGate technology might make network-level data breaches a thing of the past. We spoke to Kurt Glazemakers (pictured), Cyxetra’s CTO of Software-Defined Perimeter security, to find out more.
Inherently Flawed
The internet is, essentially, one big network of computers. Starting out of US military defence contracts and American universities, the internet and its core communication protocol TCP/IP wasn’t created with security in mind, as Glazemakers explains: This lack of inherent security has helped lend the internet a sense of freedom and, despite its military origins, a sense of anarchism. This, of course, is not conducive to good business, but is also a real and present danger for everyday users. We trust companies with enormous amounts of personal data — just imagine, for a moment, if Google was to suffer a large data breach — and this data needs to be secured.
AppGate — how it works
And so, Cyxetra has created AppGate, a new type of security known as a software-defined perimeter (SD). “When we created AppGate,” Glazemakers says, “the term SDP hadn’t been invented yet.” This new kind of security flips the traditional method of connecting to a network on its head: “You were always connecting first, and then authenticating later… I would say what we are trying to do change with SDP is to really reverse that.” At the moment “They [users] start with their own credentials, so you [the company] add a second factor.” AppGate, however: In short, this means that AppGate creates a unique view of the network for every user. If a user doesn’t have the right context to access a part of the network, they simply cannot see it. Imagine, for example, you entered an office and, after scanning your pass, you entered the lift to go to your floor. But, instead of being able to visit every floor, you could only see the floors you had access to beforehand. This makes AppGate a completely dynamic security system which, rather than applying blanket rules to the entire network, applies different rules to different people based on the context that their device is operating in. These rules, as Glazemakers explains, can even be issued on a ticket-by-ticket basis.
AppGate in Action
Currently, companies are securing their networks through assigning different rights to different user profiles, and different rights for devices within and outside the companies’ local network. This relies on VPNs and memorized alphanumeric string passwords — neither of which are completely secure. In fact, according to Glazemakers one of the “main entry points” for hackers into company networks is through stolen VPN credentials. AppGate does away with this risk by restricting users to “smaller, completely isolated micronetworks” and “connecting the network to multiple locations, which can be a cloud, my own network, or a third-party data center,” rather than connecting multiple different locations to the network. So, is anyone actually using this tech? Glazemakers wasn’t able to discuss all of Cyxetra’s clients, but said that Norwegian Cruise Line has been using AppGate to completely transform its ticket-buying service: So, why aren’t more businesses using AppGate and SDP technology? Glazemakers blames market awareness. As it’s still such a new technology it’s taken a while for companies to learn about and understand the benefits it could have for their IT infrastructure.
Where Next for AppGate and SDP?
While network security is important and is the cornerstone of Cyxetra’s business, it’s hardly sexy. However, one area where ordinary consumers could see SDP in action is with their IoT devices. As more connected devices enter people’s homes, it’s important that there is a level of control over the devices that connect to a home wifi network. At the moment, if a router is hacked, everything connected to it becomes incredibly vulnerable. With an SDP-like solution however, users will be able to secure their devices “based on context” easily and without any performance downsides. That’s still a long way off, though, as Cyxetra is focusing on the corporate market at the moment. However, we should all take some heart in the knowledge that companies are investing in better security to protect our data, as well as their bottom lines. Hopefully, one day, thanks to AppGate, big data breaches will be just another tale of internet past, like bulletin boards and chatrooms. Read more about privacy and security on Tech.co
5 Big Ideas for Fixing How We Use the InternetBeto O’Rourke’s Hacker Past Might be What the White House NeedsOnly One-Third of Android Antivirus Apps Works ProperlyHTC is Prepping for Web 3.0 — the Next Generation of the Internet
