Zeroing In on Security

Keeping your UC environment secure used to be… well, if not easy, at least far less complicated than it is today. While UC applications come with their own unique requirements and vulnerabilities, at least the systems sat on your private network, all buttoned up.

But those days are gone at most enterprises, with UC and myriad other communications and collaboration applications now often provided in whole or in part from the cloud. And many users these days don’t tend to be stationary, which means they’re taking access to those applications on the road via their mobile devices. In a recent No Jitter On Air episode, “Why You Need to Keep UC Security Top of Mind,” UC and security expert Sorell Slaymaker summed up the current state as such: “As UC evolves into this visual, virtual world, being able to really control and limit what people can do with their devices and their applications such as unified communications becomes a real enterprise challenge.”

Slaymaker will be on hand at Enterprise Connect 2019, taking place the week of March 18 in Orlando, Fla., to share his best practices for securing UC. If you’re attending EC19 and security is top of mind for you (isn’t it always?), you might sit in on his session, which takes place on opening day at 9:00 a.m. in Sun B. And be sure to hit up the Expo floor for exhibitors that can help you lock down your UC environment.

 

Zero-Day Approach

One such exhibitor is Cato Networks (booth 1245), which earlier this week beefed up its security portfolio with improved endpoint threat detection.

With its first new offering, a managed service called Cato Managed Threat Detection and Response (MDR), Cato is providing enterprises the option of using its security operations center (SOC) team to detect compromised endpoints -- smartphones accessing the corporate UC system, perhaps. Cato MDR includes a foursome of capabilities -- automated threat hunting, expert threat verification, threat containment, and guided remediation -- that parlay artificial intelligence (AI) and human smarts.

To facilitate automated threat hunting, for example, Cato said it zeros in on threats in a process that uses machine learning algorithms to find anomalies and correlate them with threat intelligence and heuristics. Cato’s security researchers then assess the validity and severity of the risk presented by those flagged endpoints, and alert on and contain those they find to be credible, the company described in its press release. Lastly, the SOC team shares advice with the enterprise on the risk level and remediation -- and, of course, follows up until the threat no longer persists.

In the second update, Cato is providing zero-day malware prevention via SentinelOne’s AI-based endpoint security technology. Cato has implemented the SentinelOne threat prevention engine, which will run in its points of presence globally to provide network-level defense, the company announced. The goal, Cato said, is to prevent malware from “ever reaching targeted endpoints or moving laterally across the WAN.”

 

Zero-Trust Networking

While you won’t find Meta Networks on the EC show floor, it is another company aiming to boost security for today’s cloud-based, mobile-first enterprises. Meta Networks, which bills itself as a network-as-a-service (NaaS) provider, earlier this week released enhancements for its zero-trust Software-Defined Perimeter (SDP) platform, delivered via a software layer over cloud infrastructure.

Zero trust, as Slaymaker has previously explained on No Jitter, “means no trusted perimeter -- everything is untrusted and, even after authentication and authorization, a device or user only receives least privileged access. Such is necessary to stop … potential security breaches.”

With Meta Networks’ approach, all mobile devices outside the traditional corporate perimeter connect to Meta NaaS, eliminating the need for a traditional VPN scheme, Etay Bogner, CEO of Meta Networks, said. “We’re giving customers fixed IP in the cloud,” he said.

Because VPNs are site-centric, users must sign on and off based on their locations. But as a cloud service, Meta’s SDP is always on, which makes it user-centric: Mobile devices are always connected to its network in the cloud, and from there users have ready access to internal applications, he added. And this, he noted, includes on-premises UC&C platforms.

Ultimately, Bogner said, “we believe that because of cloud migration and mobility, with users working from everywhere, … the less services you’ll have in smaller offices, the less reason to connect those small offices to a corporate network. That’s where we’re going.”

Toward that end, the Meta NaaS platform now supports a variety of security, management, and usability enhancements.

  • On the security front, the platform now includes more comprehensive monitoring and alerting of events such as user access to sensitive data, forbidden connection attempts, and failed logins. Meta has also added the ability to put policies in place for checking and remediating a device’s security posture before allowing connectivity, and a Web recording capability for auditing activity during clientless Web app access.
  • For management, administrators can now tag all network elements for use in defining and applying policies to dynamic, heterogeneous user groups. In addition, Meta now supports the System for Cross-domain Identity Management (SCIM) specification, for accelerated user provisioning and onboarding. This helps keep users, groups, and attributes within the system in check, Meta said.
  • To improve usability, Meta has rolled out new client apps as well as support for direct hyperlink access to Web applications.

Whether at EC or elsewhere, enterprises must study ways to evolve their approach to securing UC&C environments. After all, in addition to the growing number of entry points to a corporate network, the threats themselves are evolving, too. As Slaymaker told our No Jitter On Air listeners, “Organizations need to learn how to be able not only to secure the corporate solutions but all the solutions used for communications throughout the entire ecosystem in the digital enterprise.”

We hope to see you at Enterprise Connect! If you haven’t registered, use the code NJPOSTS at checkout to save $200 off your pass.