About Us

Coronavirus Crisis | Impact, Sustenance and Security

The threat is real, and it is here. Crashing stock markets, disrupted supply chains, jolted travel industry, strained economies, and shut down factories, all these are results of the Coronavirus pandemic. Many economies around the world are struggling to contain the spread of Coronavirus, the hardest-hit countries being China, Italy, the US, Spain, Germany, and Iran. There are over 300,000 reported Coronavirus cases globally (according to WHO on 23 March 2020), since the virus first emerged in December 2019 in Wuhan, China. As the whole world is so interconnected, thanks to globalization, Coronavirus has spread to 117 countries in just over two months. It has become one of the greatest threats to the global economy and financial markets.

Being the manufacturing and exporting hub of the world, China holds a major contribution to the world’s GDP. So the economic turmoil in China due to Coronavirus is imperiling global growth. The impact of Coronavirus on the world’s economy and the fear of a global recession is shaking investor’s confidence and is rocking stock prices across countries. The global stock market has witnessed the most massive single-week decline post the financial crisis in 2008. With worldwide conferences, events, and sports around the world being canceled or postponed and travel restrictions being imposed by governments to curtail the spread of Coronavirus; the travel and tourism industry has been severely impacted. Other industries like retail, restaurants, entertainment, etc. have also started to bear the brunt of the pandemic.

Tough times such as this calls for tough measures from governments and organizations. Until vaccination or cure for the virus is available, the best way to curtail the virus from spreading is through social-distancing, which includes travel restrictions and avoiding large gatherings. Governments are imposing lockdowns and placing quarantine measures nationwide. Organizations are providing flexible working arrangements. Coronavirus has triggered the biggest work-from-home movement in history. To swift through the crisis, companies should also focus on effective communication, ensuring trust and disaster planning.

A majority of organizations are providing work from home options to their employees, cybersecurity has become an even bigger concern than before. While organizations are hurriedly implementing these changes, they are exposing themselves to more potential threats like compromised user credentials, organization’s data theft, and phishing attacks. For providing secured remote access, organizations should assess their existing security framework. Technologies like modern Network Access Control, Software Defined Perimeter, and other Zero Trust network access solutions will find more acceptance and witness a sharp growth in demand.

Decoding Zero Trust Security | Concept and various Models (Part-2)

The previous part of the blog talked about the concept of Zero Trust security, its relevance, and how it is catching traction in today’s time. This part talks about the different models to implement Zero Trust security in organizations. There are three different ways in which organizations can choose to implement Zero Trust security.

1. Software Defined Perimeter (SDP)

Software Defined Perimeter is an approach in network security that safeguards user access to applications and information irrespective of the location, time, and nature of the device used. Software Defined Perimeter follows a zero trust approach, wherein the network security posture is that of default deny. Access is granted upon authenticating and authorizing both user and device.

By making the applications and resources invisible and preauthorizing users and devices, SDP protects enterprise applications from a range of attacks like- denial of service, credential theft, server exploitation, connection hijacking, and APT/Lateral movement. Unlike the previous security models that worked till the network layer, SDP works right up to the application layer. It provides granular control on applications as users are allowed access only on authorized applications and not others.

2. Network Micro-Segmentation

Micro-segmentation or network Micro-segmentation is slicing the network into small logical segments and controlling access to applications and data on those segments. Diving the network into smaller segments reduces the attack surface for malicious attackers. Micro-segmentation policies are based on logical attributes or resource identity versus the user’s identity or IP addresses. Micro-segmentation creates an intelligent grouping of workloads based on their characteristics. It provides centralized dynamic policy management across networks, independent of the infrastructure.

3. Identity Aware Proxy (IAP)

IAP architecture offers access to applications through a cloud-based proxy. It follows the principle of least privileged access like SDP, but applications are accessed through standard HTTPS protocols at the application layer. Unlike SDP, which uses a direct tunnel for data transfer, IAP architecture provides authenticated and authorized secured access to particular applications using a proxy layer.

Google was the first one to implement zero-trust security architecture in their business using BeyondCorp, through an Identity Aware Proxy model. BeyondCorp is their internal network and access security platform designed for employees to access internal resources. BeyondCorp is a web proxy-based solution that supports HTTP, HTTPS, and SSH protocols. Following BeyondCorp, Google also launched Cloud Identity Aware Proxy for access control and protecting data in the cloud. Cloud IAP shifts access controls from the network perimeter to individual users.

Irrespective of whichever zero trust model companies choose to implement; it should be able to integrate with the company’s existing security infrastructure seamlessly.

(This is Part 2 of the blog and it explains the various models to implement Zero Trust security in organizations. To read on the concept of Zero Trust security refer HERE)