Blue Hexagon Blog

Securing Remote Worker – Did You Alter Your Security Architecture?

“As the way we work undergoes metamorphosis, the fundamental things apply: there is an utter need for complete and accurate real-time visibility and inspection of network access to data, assets, applications, and services.” — A Network Security Practitioner

COVID-19, with its ramifications for IT infrastructure, has indelibly altered the landscape of IT security – the bad guys now have a larger surface-of-attack and a longer window-of-vulnerability to exploit than ever before. As the majority of the workforce becomes distributed and remote for the foreseeable future, the surface-of-attack comprising data, assets, applications, services, and people has increased significantly. Combined with adverse employee wellness and fatigue (both mental and physical), the odds of (automated) attackers striking when the guard is down just went up dramatically. Early data provides evidence of the emerging trend of increased scale and tactics of cyberattacks since the crisis began [1].

Security and networking teams have been remarkably resourceful, with many demonstrating great situational awareness in facing the security challenges of the altered IT landscape. Some have taken on the shared responsibility of the public cloud, others have embraced cloud-based secure access gateways, while yet others have ramped up VPN/MPLS capacity to backhaul traffic to their datacenters and entered the brave new world of split tunnelling to reduce the load on their VPN infrastructure. While a few have taken the plunge with ZTN, the wary have wet their feet, applying ZTN theory in practice for a limited number of lower-risk assets.

Yet our conversations with several security teams in recent weeks surfaced a sense of unease and discomfort underlying the spectrum of the above transformations:

  • Back-hauling traffic to your datacenter? 

Better verify no bad actor is hitching a free ride in from a compromised unmanaged asset. Inspect all backhauled traffic under significantly increased load. Without dropping a packet. In real-time.

  • Is ZTN really “Zero Trust”?

Know that the core pillar of ZTN is “ANALYZE EVERYTHING”. Zero trust is really limited, ephemeral trust, which attackers could steal and then leverage to exploit vulnerable implementations of the ZTN paradigm to nefarious ends. Again, you need to inspect while you trust!

  • Deploying SASE?

SASE is all about integration and convergence of existing networking and security technologies; it does not fundamentally alter your ability to detect advanced threats. To the contrary, you may be relinquishing your freedom to enhance your security posture with advanced security tools. Complement SASE with full inspection and advanced threat detection with the tools of your choice.

  • Moving to the public cloud?

Welcome to BYOSecurity. And inspect all traffic north-south, east-west, up-down. Protect your cloud compute, data, and network. 

As the way we work undergoes metamorphosis, the fundamental things apply: there is an utter need for complete and accurate real-time visibility and inspection of network access to data, assets, applications, and services. But wait, wasn’t this always the case? Yes, but as illustrated above, the adverse consequences of not fulfilling the need just got amplified manyfold. If you altered your security architecture, make sure you have your bases covered with full visibility and inspection of every bit flowing through your network!

Deep Learning Security Scales for 100% Remote Worker Traffic Inspection

Blue Hexagon Network Detection and Response addresses this need with its next-generation artificial intelligence solution that comprehensively analyzes payloads, protocols, and headers in a hyperdimensional space to conclusively convict malware and threats. 

Blue Hexagon Real Time Deep Learning based Network Detection and Response provides: 

  • Real-time Inspection of 20 Gbps and higher speed traffic 
  • Sub-second Detection of known and unknown threats, even zero-day malware
  • Active Adversary Detection including lateral movement in your network and cloud
  • Complete Autonomy with pre-trained AI models requiring no human triage and no baselining delays
  • Native Deployment in AWS and Azure cloud, on-prem network, and as a SaaS service for Microsoft 365 Email.

For a limited time, you can also take advantage of a 60-day free subscription offer that we announced recently.

[1] NASA CIO Agencywide Memo: Alert: Cyber Threats Significantly Increasing During Coronavirus Pandemic