Jul 30, 2020
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-secure-access/)
What is the Holy Grail of secure access? There are many options, all of which are being strained by our new work from home model. Are we currently at the max?
Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our sponsored guest is Rohini Kasturi, chief product officer, Pulse Secure.
Thanks to this week’s podcast sponsor, Pulse Secure.
Pulse Secure offers easy, comprehensive solutions that provide visibility and seamless, protected connectivity for hybrid IT in a Zero Trust world. Over 24,000 enterprises entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance.
On this episode of Defense in Depth, you’ll learn:
- Multiple technologies, such as VPN, split-tunnel VPN, VDI, SASE, EDR, and secure management, are used in attempts to insure secure access. But given that secure access isn't just about managing endpoints, but users, you also have to look at IAM.
- We look to conditional access to provide more support than just full VPN access.
- Argument that we are moving away from endpoints to identity as that's the new perimeter.
- SASE solution blocks by default, instead of allows by default, and requires permission for access. User is secured dynamically based on a combination of identity and device.
- Would be great if secure access solutions were universal, but they vary country by country based on costs, availability, and regulations.
- Secure access models must be user experience first. One possible play that works in this way is IAM + SASE + EDR + secure management.
- Another factor that prevents the one-size fits all model for secure access is the complexity of stacks.