Get In Touch
Recently by Robert Blumofe
Maybe you've just found out that your company's IT organization is implementing Zero Trust. Does that mean they don't trust you? "Zero Trust" sure sounds that way. Maybe you've read about it online or heard somebody talk about it in terms that equate Zero Trust with the idea that users and devices are never trusted. It's hard to feel good about an IT organization that doesn't trust the company's own
With the transition to remote work, we often hear the term remote access used in unison. Typically, remote work application access is facilitated via a remote access mechanism and, presumably, local work application access is facilitated via a local access mechanism. But I argue that this connection does not really hold true. Sure, remote work does require the use of a remote access mechanism, but the mechanism can and should
Backhauling traffic destroys performance, and backhauling attack traffic can destroy even more. Nevertheless, in a traditional security deployment model, we are faced with the lose-lose options of either backhauling all traffic to the security stack or allowing some accesses to not go through the security stack. Of course, in the modern world where cyberattacks can cause enormous damage, the latter option is not really an option at all. All traffic
Though Zero Trust is really quite simple and should be viewed as a very strong form of the age-old principle of least privilege, that does not mean that it is the same thing. In fact, one of the most significant differences from what came before is that when it comes to access, Zero Trust is based on application access, not network access. I was surprised, then, when Gartner's new SASE
If the term Zero Trust has been popping up in your news feed with astonishing frequency lately, you may be tempted to think that Zero Trust must be a brand-new technology cooked up in a research lab at MIT and powered by the latest artificial intelligence, machine learning, quantum computing, and a 1.21 gigawatt flux capacitor. In this and subsequent blog posts, I want to make the case that, in
One year and a half following the start of the COVID-19 pandemic, we're seeing most companies either maintaining their remote work policies or slowly moving to a hybrid model. In fact, an estimated 36.2 million Americans will be working remotely by 2025, which is nearly double pre-pandemic levels. Alongside this shift, 2020 came and went with a sharp increase in cyberattacks, due in part to a near-exclusive reliance on the
In early May 2021, the President of the United States issued an executive order on cybersecurity, and though it will take some time for executive branch agencies to develop formal rules, the order itself includes a lot of what I consider to be best practice in cybersecurity, including the use of multi-factor authentication (MFA) and Zero Trust, mentioned by name. The call for adoption of cybersecurity best practices makes a
The workforce is remote, the data center is the cloud, the corporate network is the internet, and the security stack is at the edge.
The future of work is multi-modal, the future corporate office is a private coffee shop with great Wi-Fi, and the future of enterprise security is going to have to adapt rapidly.