Akamai Diversity

The Akamai Blog

Protecting the New Online Frontiers: Akamai on Watch

At Akamai, security is at the heart of everything we create. After more than two decades on the front lines of the Internet revolution, Akamai continues to pioneer strategies, products, and solutions that keep the world's information safe and secure. We protect you from the data center, beyond the cloud, and to the Edge.

Evolving With Modern Threats

The malignant forces on the Internet are always evolving, and so is Akamai. We're responding to a growing number of attacks that penetrate companies from the inside out, rather than the outside in through the traditional perimeter. Today, many of the threats to large companies come from internal sources, as attackers use insidious techniques to breach employee's machines.

Today, over 40% of corporate security breaches originate with authorized users accessing authorized systems, and over 90% of malware uses DNS to move within an enterprise.

As the workforce becomes increasingly mobile, so does the chance of exposure. Around a third of all mobile devices have a "medium-to-high" risk of data exposure. In 2016, the number of malicious installation programs that were striking mobile devices tripled. With modern conveniences and access comes newrisks.

Akamai's Edge

To combat these evolving threats, Akamai has moved away from traditional, perimeter-based security, which is complex, risky, and no longer compatible with today's business models. Applications, users, and devices are moving outside, dissolving what was once the trusted enterprise perimeter. Protection is needed where the applications and data reside.

Our solution is to embrace a "Zero Trust" model. We believe in Zero Trust as a strategic vision where nothing is implicitly trusted. The Zero Trust model does not distinguish between the internal and the external, and everything is treated as an external threat that requires verification with full logging and behavioral analytics. Applications and data are only delivered to authenticated, authorized users and devices, and user access is limited to only the applications and information they need. Zero Trust is delivered as a service from the cloud and provides full visibility into the process.

We consider Zero Trust to be the present and future of online security, and it's one of Akamai's key company-wide initiatives. Recently, Zero Trust was the theme of our 2018 Akamai Government Forum in Washington D.C., to highlight its importance for all corporations and governments.

What Should You Do?

If you're wondering how to get started with Zero Trust, we recommend these steps:

1. Conduct a threat check to gain visibility into your environment and determine devices' current exposure to malware and phishing. Many networks have already been compromised and have active malware that has escaped detection by existing security measures. Administer a free 30-day Enterprise Threat Check for a customized report on threats presently active in your environment and tailored suggestions on how to eliminate those advanced threats. It's fast and easy to implement, with minimal network changes required, and is typically a quick win for IT teams.

2. Stop giving network access to your users. Full network access increases your threat exposure. User access should be restricted to only the applications an individual needs -- not the entire network. For operational efficiency, start with the applications that are easiest to transition, such as web applications and any new applications, and publish those based on Zero Trust security principles. Then conduct a Zero Trust Architecture Assessment to develop a comprehensive plan to migrate from your current state to a Zero Trust framework. This includes profiling users and applications, as well as developing a customized phasing plan for all applications, including legacy on-premises applications.

3. Eliminate traditional VPN for specific user groups. As you move to a Zero Trust security framework, you should stop trusting your endpoints implicitly and work to decommission legacy access - including VPN and privileged corporate Wi-Fi/Ethernet segments -- to remove the associated trust at the inner layers. Start by provisioning access based on Zero Trust security principles to high-risk user groups, such as contractors. Then determine a phase-out plan for legacy access for all users.

It's important to continuously adapt your enterprise's approach to security in response to evolving business and threat landscapes. Transitioning to a Zero Trust security architecture enables you to simply and effectively safeguard your applications, users, and devices. To learn more about starting your Zero Trust transformation today, schedule a workshop with an Akamai security specialist. Together, we'll identify additional opportunities and actions to evolve your enterprise to a Zero Trust model.

For more information on the Zero Trust philosophy and Akamai's security solutions, please visit our website. You can also download Akamai's newest security whitepaper here. 

_____________________________

Sources:

  1. IDC InfoBrief, Sponsored by Akamai, Remote Access and Security, September 2017

  2. Cisco 2016 Annual Security Report

  3. Symantec Q2 2017 Mobile Threat Intelligence Report

  4. Kaspersky Lab's Mobile Malware Evolution 2016 Report

Leave a comment