MSPs are often confounded by the intricacies of balancing security with convenience while still bringing things in under budget.
What's more, the advent of multiple cloud environments and hybrid IT is forcing organizations to spend more on data security. Yet, those increased expenditures have resulted in a decreased confidence in the capacity to handle security threats. That demonstrates there is a need to change how security solutions are provisioned and administered - something savvy MSPs are prepared to accomplish.
A study published by Pulse Secure, a vendor providing software-defined secure access solutions, gives credence to the challenges faced by enterprises experiencing rapid technological change.
Simply put, initiatives such as digital transformation are changing the information security landscape, resulting in companies facing deficiencies in their security. Other changes, such as the combination of private cloud services, public cloud services, datacenters, and the introduction of mobile and BYOD devices into the work environment, are creating additional vectors for attackers.
Additionally, the survey reveals that enterprises are aware of these new challenges and are taking steps to mitigate threats, including improving endpoint security and remediation prior to access, enhancing IoT discovery, isolation and access control, and fortifying network and cloud access visibility and resource segmentation. Recognizing these new types of threats, 91 per cent of enterprises plan on increasing secure access expenditure over the next several months.
Pulse Secure is recommending that enterprises adopt a Zero Trust approach to cybersecurity to alleviate many of those security issues. Zero Trust systems forgo the assumption that any user, system or service within the security perimeter should be trusted, and instead requires each action to be independently verified. It's a stark difference from traditional perimeter security systems, which grant privileges to users who are allowed to access the network.
Zero Trust systems treat all traffic moving through the system as untrustworthy until it can be legitimacy verified. Pulse Secure, and numerous other security solution vendors, developed the Zero Trust ideology as a response to breaches of systems that involved attackers gaining access to sensitive data by bypassing corporate firewalls, after which point they had broad access to information within the network.
According to Scott Gordon, CMO at Pulse Secure, "the acceleration to leverage hybrid IT service delivery and the impact of consumer and IoT device in corporate networks is ushering in a new swath of endpoint security and data breaches as reflected in news. We are seeing the impact of these exposures. Organizations are motivated to deploy Zero Trust access security systems, such as software defined perimeter, to increase user, device and resource authentication and mitigate access visibility and control gaps."
Though published by Pulse Secure, the survey was conducted independently by IDG Connect, and respondents comprised of more than 300 information security decision makers in enterprises with more than 1,000 employees across US, UK and DACH regions. Furthermore, the respondents represented a number of industries, including financial services, healthcare, and manufacturing.
Zero Trust systems are also designed to accommodate the modern hybrid IT environment, which is comprised of a multitude of devices and systems, including mobile smartphones and IoT devices. Zero Trust systems not only mitigate the risk of attacks, but can also limit the extent of an attack and provide organizations with forensic tools to help identify attackers.
Those points could prove to be the appropriate fodder for MSPs looking to engage with new customers that are becoming flummoxed by the complexities of cybersecurity in hybrid systems. "Cybersecurity is becoming a top concern for both integrators and their clients," said Raj Mehta, CEO of RAJ Technology Group, a Plainview, New York based systems integrator.
"With each reported breach in the news, it becomes much easier to sell cybersecurity hygiene to those clients concerned with privacy and compliance requirements," added Mehta.
As the complexity of information systems has increased, so too has the complexity of security systems. Respondents indicated that organizations employ three or more secure access tools for each of the 13 solutions presented in the survey, with larger companies having more tools than smaller ones.
In response to this additional complexity, nearly half of the organizations surveyed expressed interest in consolidating their security tools into suites. While all industries face security challenges, the particular challenges vary; for instance, healthcare organizations experienced greater mobile and web app exposures, financial services experienced the most business impact related to application availability, and the manufacturing industry prioritizes refining privileged user or service account-based access.
Each of those vertical markets prove to be prime targets for solution providers hawking security solutions, and Zero Trust systems my very well be the best salve to cure the all too common breach.
Tyler Ohlhorst contributed to this article.
Some say performance, others say money but it may be systems and processes that carry the day
Channel players highlight where they expect to see the impact of this week's mega-merger
The networking vendor claims its buy out will bolster its as-a-service proposition with partners and customers
CPI breaks down the 50 largest players across the continent as part of our Global Elite 2019 report