Tackling the many (sur)faces of a zero trust security framework

By Vijay Jayaraman – Director – System Engineering, India & SAARC, Citrix

For a business to thrive in today's world, innovation and technology have to be at its core. At the same time, the more we diversify the technology we rely on to carry out work, the larger the attack surface we expose to external threats. Every organization therefore needs to use technology not only to ease its processes but also to build a robust security framework that safeguards the entire business.

So, what is the best way to protect your business from malicious threats?

Let's take a look at our own homes. Everyone has a lock on the front door, which provides a certain level of security. That security improves significantly once it is complemented with an alarm and a video surveillance system that can track movement through the house. But none of this stops criminals from trying to break a window, deactivate the alarm, or simply watch your every move to gather sensitive information. Translating this to businesses: zero trust network access (ZTNA) is an important first step in strengthening workplace security. Unlike a VPN, which places a connected user on the internal network and implicitly trusts whatever sits behind the perimeter, ZTNA brokers access per application and per session and restricts it to the critical business resources a user actually needs, whether those resources are on premises or in the cloud. It employs multi-factor authentication, machine-learning-based analysis of access patterns, and continuous monitoring, so that each request is re-evaluated rather than trusted because of where it comes from.

However, implementing this architecture alone is not enough. In many companies, the majority of reported vulnerabilities sit in applications rather than in the network. Businesses therefore need a comprehensive strategy that covers vulnerabilities in the applications as well as the network. As applications move away from monoliths towards cloud-based microservice architectures, organizations have to cover both their in-house applications and the new public-cloud or hybrid-cloud microservices.

Emerging technologies such as Artificial Intelligence (AI) and Machine Learning (ML) can play a significant role here. They can help detect sophisticated attacks, including zero-day attacks, much faster than human analysts alone. Another layer of application security is a web application firewall (WAF), which protects applications against known attack patterns and, through anomaly detection or a positive security model, against unknown ones, while providing insight for faster remediation. A well-tuned WAF adds little latency, so the continuous inspection running in the background should not noticeably degrade the user experience.

Now let's talk APIs!

When we look at business vulnerabilities, application programming interfaces (APIs) can't be ignored. Along with web applications, APIs are the engines of digital transformation, but they are also highly exposed to attack. They present a critical risk surface because they automate cross-application workflows and let applications communicate with one another internally. That gives them access to a lot of company data, and failing to protect them puts the entire business at risk. Without API monitoring, data exfiltration through an API can go unnoticed altogether. The risk of API abuse also has to be factored in, i.e., overloading APIs and bringing the business to a halt. A subtler form of abuse is a caller with valid credentials that pulls far more data than is typical for it while staying under the predefined rate limit; per-request controls never see anything wrong, which makes this difficult to detect by traditional means.

As IT environments become more complex, so does securing all the APIs that connect their essential components and serve client access. Creating a robust API security framework is therefore very important. First, there needs to be an inventory that discovers unknown (or 'shadow') APIs, together with company-wide API access control built on standardized authentication mechanisms (OAuth 2.0 tokens validated at the gateway, for example). Next, API call thresholds (rate limits and quotas) need to be set to protect APIs from abuse. All of this sits on top of continuously monitoring the relevant telemetry: API usage, performance, errors, authentication failures and so on, where AI and ML again help surface anomalies. Administrators can also define rules that reject requests originating outside the expected systems or from unexpected geographies, reducing the chance of abuse and preventing applications from being slowed down or taken down by excessive API traffic.
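The four controls just described (shadow-API discovery, call thresholds, monitoring of authentication failures, and catching the caller that stays under the rate limit but pulls far more data than usual), as an added example that is not part of the original article and is not code from any product it mentions. It is a small Python detector run over a constructed API access log; the documented inventory, the rate limit, the volume factor, the client IDs, the endpoint names and every log line are assumptions made for the illustration.

```python
"""Hypothetical API-abuse detector over constructed access-log lines.
Added example: shadow-API discovery against a known inventory, a per-client
sliding-window call threshold, authentication-failure counting, and a byte-volume
baseline check. Endpoints, client IDs and log lines are all made up.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
from statistics import median

KNOWN_APIS = {"/v1/orders", "/v1/customers", "/v1/login"}  # assumed documented inventory
RATE_LIMIT = 4                  # max calls per client in any sliding 60 s window (assumed)
WINDOW = timedelta(seconds=60)
VOLUME_FACTOR = 4.0             # flag a minute serving > 4x the client's median bytes
MIN_BASELINE = 2                # earlier minutes needed before judging a client

# Constructed log: timestamp client endpoint status response_bytes
SAMPLE_LOG = """\
2024-03-01T10:00:05Z clientA /v1/orders 200 1000
2024-03-01T10:00:40Z clientA /v1/customers 200 1000
2024-03-01T10:01:05Z clientA /v1/orders 200 1000
2024-03-01T10:01:40Z clientA /v1/customers 200 1000
2024-03-01T10:02:10Z clientA /v1/orders 200 1000
2024-03-01T10:02:40Z clientA /v1/customers 200 1000
2024-03-01T10:03:05Z clientA /v1/customers 200 10000
2024-03-01T10:03:15Z clientA /v1/customers 200 10000
2024-03-01T10:03:25Z clientA /v1/customers 200 10000
2024-03-01T10:00:01Z clientB /v1/orders 200 500
2024-03-01T10:00:02Z clientB /v1/orders 200 500
2024-03-01T10:00:03Z clientB /v1/orders 200 500
2024-03-01T10:00:04Z clientB /v1/orders 200 500
2024-03-01T10:00:05Z clientB /v1/orders 200 500
2024-03-01T10:00:06Z clientB /v1/orders 200 500
2024-03-01T10:00:30Z clientC /v1/internal/export 401 0
2024-03-01T10:01:10Z clientC /v1/login 403 0
"""

def parse_log(text):
    """Turn 'ts client endpoint status bytes' lines into dicts sorted by time."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, endpoint, status, size = line.split()
        records.append({"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "client": client,
                        "endpoint": endpoint, "status": int(status), "bytes": int(size)})
    return sorted(records, key=lambda r: r["ts"])

def find_shadow_apis(records, known=KNOWN_APIS):
    """Endpoints seen in traffic that the documented inventory does not list."""
    return {r["endpoint"] for r in records} - known

def rate_limit_violations(records, limit=RATE_LIMIT, window=WINDOW):
    """Sliding-log limiter: count calls per client beyond `limit` within `window`."""
    recent, violations = defaultdict(deque), defaultdict(int)
    for r in records:
        q, cutoff = recent[r["client"]], r["ts"] - window
        while q and q[0] <= cutoff:        # drop calls that have left the window
            q.popleft()
        if len(q) >= limit:
            violations[r["client"]] += 1
        q.append(r["ts"])
    return dict(violations)

def auth_failures(records):
    """401/403 count per client; a burst here means probing or credential abuse."""
    failures = defaultdict(int)
    for r in records:
        if r["status"] in (401, 403):
            failures[r["client"]] += 1
    return dict(failures)

def volume_anomalies(records, factor=VOLUME_FACTOR, limit=RATE_LIMIT):
    """(client, minute, bytes, baseline) tuples where a client stayed within the
    call limit but served more than factor x the median of its earlier minutes."""
    per_min = defaultdict(lambda: defaultdict(lambda: [0, 0]))  # client -> minute -> [calls, bytes]
    for r in records:
        cell = per_min[r["client"]][r["ts"].replace(second=0)]
        cell[0] += 1
        cell[1] += r["bytes"]
    flagged = []
    for client, minutes in per_min.items():
        history = []                        # byte totals of this client's earlier minutes
        for minute in sorted(minutes):
            calls, size = minutes[minute]
            if len(history) >= MIN_BASELINE:
                base = median(history)
                if base > 0 and calls <= limit and size > factor * base:
                    flagged.append((client, minute.strftime("%Y-%m-%dT%H:%M"), size, base))
            history.append(size)
    return flagged

def analyse(log_text):
    """Run all four checks over one log and return a single report dict."""
    records = parse_log(log_text)
    return {"shadow_apis": find_shadow_apis(records),
            "rate_limit_violations": rate_limit_violations(records),
            "auth_failures": auth_failures(records),
            "volume_anomalies": volume_anomalies(records)}
```

Calling `analyse(SAMPLE_LOG)` reports the undocumented `/v1/internal/export` endpoint, two calls by clientB beyond the threshold, two authentication failures by clientC, and clientA's 10:03 minute, which stays within the call limit but serves fifteen times the client's usual byte volume. That last case is the one a per-request rate limit on its own would never flag, which is why the baseline is kept per client rather than as a single global threshold.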

Malicious bots – how do we tackle them?
Once application-based attacks have been understood and mitigated, organizations need to focus on malicious bots, which scan new sites for weaknesses and harvest sensitive information. Not all bots are bad: businesses routinely use chat and voice bots to handle incoming customer messages and calls. Organizations therefore first need to determine whether a given bot is malicious or harmless, using its reputation score, geolocation, bot fingerprinting and other signals that distinguish automated clients from humans.

This is where modern application delivery management (ADM) technologies come in, helping to identify even the most sophisticated bots. Bot mitigation is an essential part of a business's online security framework. Take the retail industry as an example: bot mitigation can alert online retailers whenever competitors try to automatically scrape pricing information from their websites. It also improves customer experience and cuts cost by minimizing unwanted bot traffic.

A holistic security framework is the way forward!
Zero trust brings a security mindset to IT architecture and follows one principle: never trust, always verify. But a truly zero trust environment cannot be achieved by deploying ZTNA alone, because that only fortifies the metaphorical front door of the company network. Deployed together with application security, API security and bot mitigation, it lets businesses close off the other pathways an attacker could use as well.

Organizations need to be proactive in planning their security framework. A comprehensive zero trust framework that closely monitors all activity without hampering the employee or customer experience at any stage is imperative. After all, security is only as good as its weakest link.
