Every Resilient Organisation Uses Intrinsic Security

Posted on 26 January, 2022

OWASP PUBLISHES THE TOP 10 WEB APPLICATION SECURITY RISKS EVERY YEAR. IN 2021, A NEW CATEGORY WAS REPRESENTED FOR THE FIRST TIME: SECURITY DESIGN. IN THIS BLOG ARTICLE, WE EXPLAIN WHY COMPANIES NEED TO BREAK NEW GROUND IN IT SECURITY AND HOW VMWARE IS USING INTRINSIC SECURITY TO INCREASE RESILIENCE AGAINST CYBER THREATS.

It was not obvious for many years. The pandemic has made it visible. A virus in the analogue world has accelerated the digital transformation and the shift towards cloud and edge computing and modern workplace models with mobile and remote desks. And it has shown how vulnerable the IT services of many companies around the world are. A myriad of different security solutions and distributed responsibilities (silos) have done more harm than good to corporate security.

In modern companies, however, the processes and interrelationships are now so complex that hardly anyone can keep track of them anyway. It is therefore not surprising that human shortcomings such as broken access control, misconfigurations, outdated components or identification and authentication failures are also among the top 10 security risks in 2021. Therefore, shifting the responsibility for security to the individual employees is the completely wrong path.

VMware is taking a new approach to IT security with Carbon Black Cloud. Instead of only reacting to threats, VMware relies on AI and Big Data. VMware's intrinsic approach is not a product. The goal is to take the responsibility for IT security away from the individual employee. It takes place continuously and transparently as a process in the background. We explain this using the example of virus scanners.

DON'T GIVE RANSOMWARE A CHANCE 

Malware is a major threat to businesses. Malicious code can enter the enterprise through many routes. It often hides undetected for many weeks or even months in a company before it is executed. Most security tools are signature based and only protect against known malware. That leave businesses at risk and vulnerable to zero-day or sophisticated attacks.

Another major risk is the time factor when updating signatures. The time span between the discovery of a vulnerability, the creation and delivery of a signature and the installation of an update allows attackers to penetrate the company network undetected and cause harm.

Very often, there is also no central management of all security products used in the company, which leads to further attack surfaces.

Remote endpoints and edge devices are particularly vulnerable. They cannot hide behind a central firewall or virus scanner. The visibility in public networks makes it easy for attackers to invade. Affected devices are detected much too late and can cause great damage. In order to take appropriate measures, many actions are usually necessary and not infrequently several departments are involved. Read our blogpost on the vulnerability of the Anywhere Workforce.

Intrinsic security involves the continuous monitoring of the behaviour of all devices, end points and data flows, including the internal traffic. The data collected in this way is continuously analysed in real time, put in relation to each other and to historical data, and compared with behaviour that has been learned to be harmless. At the slightest deviation from the behaviour learned as normal or the smallest irregularities, automatically measures are taken. These measures range from alerting security officers to quarantining affected endpoints or completely blocking entire network sections.

All intrinsic security benefits with VMware Carbon Black

  • Investigates attacks in real time
  • Consolidates the management of multiple prevention needs a single product and console
  • Protects from known and unknown threats incl. Zero-Day-Attacks or Advanced Persistant Threats (APT)
  • Easier investigation into security incidents and faster mean time to resolution (MTTR)
  • Secures your business on-premises, in the cloud, in remote and branch offices (ROBO) and the Anywhere Workspace
  • Reduces overhead and TCO
  • Manages read, write and execute access for USB devices

Learn more about the Anywhere Workspace in our on-demand webinar. Or visit our landing page on intrinsic security from VMware with many useful documents to download.

Read this checklist to find out what else you can do to protect your data from ransomware.

 

Tags: WMware, Intrinsic Security

RSS Feed

Sign up to our RSS feed and get the latest news delivered as it happens.

click here

Test out any of our solutions at Boston Labs

To help our clients make informed decisions about new technologies, we have opened up our research & development facilities and actively encourage customers to try the latest platforms using their own tools and if necessary together with their existing hardware. Remote access is also available

Contact us

ISC 2022

Latest Event

ISC 2022 | 29th 5 - 2nd June 2022, Congress Center Hamburg, Germany

Boston are back at ISC - the event for high-performance computing, networking and storage. Join us on Booth B213 alongside our technology partners, AMD, Intel, Micron, NVIDIA, Pavilion, Western Digital, ZutaCore.

more info