Jul 30, 2020
All links and images for this episode can be found on CISO
What is the Holy Grail of secure access? There are many options,
all of which are being strained by our new work from home model.
Are we currently at the max?
this post for the discussion that is the basis of our
conversation on this week’s episode co-hosted by me, David
Spark (@dspark), the
producer of CISO
Series and Allan
Alford (@AllanAlfordinTX). Our
sponsored guest is Rohini Kasturi,
chief product officer, Pulse
Thanks to this week’s podcast sponsor, Pulse
Pulse Secure offers easy, comprehensive
solutions that provide visibility and seamless, protected
connectivity for hybrid IT in a Zero Trust world. Over 24,000
enterprises entrust Pulse Secure to empower their
mobile workforce to securely access applications and information in
the data center and cloud while ensuring business
On this episode of Defense in Depth, you’ll learn:
- Multiple technologies, such as VPN, split-tunnel VPN, VDI,
SASE, EDR, and secure management, are used in attempts to insure
secure access. But given that secure access isn't just about
managing endpoints, but users, you also have to look at IAM.
- We look to conditional access to provide more support than just
full VPN access.
- Argument that we are moving away from endpoints to identity as
that's the new perimeter.
- SASE solution blocks by default, instead of allows by default,
and requires permission for access. User is secured dynamically
based on a combination of identity and device.
- Would be great if secure access solutions were universal, but
they vary country by country based on costs, availability, and
- Secure access models must be user experience first. One
possible play that works in this way is IAM + SASE + EDR + secure
- Another factor that prevents the one-size fits all model for
secure access is the complexity of stacks.