Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Are third party VPN gateways on their way out?

Sean Duca, Vice President and Regional Chief Security Officer, Asia Pacific, Palo Alto Networks | May 5, 2016
Sean Duca of Palo Alto Networks shares his thoughts on how third party VPN gateways are on their way out due to the rise of the mobile workforce.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

In recent years, cybersecurity has emerged as one of the top concerns for business and government leaders around the world. A troubling number of high-profile attacks targeting large companies including banks, telecommunications firms and airlines, to name but a few, has led many IT security managers to question if adequate measures are in place within their own networks. Sophisticated attackers are employing new techniques to penetrate networks and using advanced methodologies to avoid detection. This includes masking their activities as legitimate application traffic.

Even as organisations in Asia Pacific attempt to secure themselves against cyberattacks, it is important to note that the emergence of cloud and mobile is transforming many of the same organisations. For example, cloud-based applications place sensitive data outside the traditional enterprise perimeter and mobile devices are continually connecting to networks that are not secured from advanced threats. The end result is that the sheer number of variables that need to be secured has increased exponentially.

These trends introduce a paradox for many organisations and as the number of mobile users in Asia-Pacific continues to grow, a great divide in cybersecurity protection is forming.

Due to the common misconception that mobile security is a matter of remote access and secure connectivity, security teams tend to provide users with a virtual private network (VPN) as a solution to "protect" the mobile workforce. However, the mobile workforce requires protection from targeted cyberattacks, evasive application traffic, phishing, malicious websites, command and control traffic, and several other known and unknown threats. Typical VPN appliances are unable to inspect traffic, much less understand its content, and thus create a dangerous conduit for threats both to and from the corporate network.

So, it turns out that despite the best intentions, mobile users are hardly being protected against advanced cyber threats. On the other side of the coin, the lack of protection for the mobile workforce has not gone unnoticed. Hackers are shifting their attention toward mobile users because of the likelihood that there is inadequate protection in place.

You can't protect what you can't see - and mobile application traffic is often unseen. Security teams lose the visibility into users' mobile activities when they leave the office network. Without visibility, IT security managers are unable to stop exploits, known and unknown malware, and malicious websites from reaching the end user's mobile device. If the end user's computer can be infected with malware while working remotely, there is nothing to prevent attackers from gaining access to the organisation's network when the user reconnects their device to the office network.


1  2  Next Page 

Sign up for Computerworld eNewsletters.