Changes in the workplace, employee preferences, external users, and customer services have made remote access to cloud applications outside the corporate network or VPN commonplace. Simultaneously, changes in SaaS usage and data with access by both human and machine identities, new compliance requirements, and cloud-to-cloud connectivity between SaaS applications have created new risks that security teams need to address.
This article describes how Cisco and AppOmni have teamed to extend zero trust principles to secure SaaS applications and data with a closed loop zero trust architecture.
Introducing Zero Trust Posture Management
The myriad SaaS applications used by today’s organizations are procured, configured, and managed by multiple departmental owners or business units with little or no visibility to security teams. Nearly all SaaS breaches involve some violation of implicit trust models — for example, a user in a sales operation role can grant Salesforce access to guest users; a test user is able to create new users and grant them new privileges. These scenarios are all too common with how SaaS applications and users are set up.
Zero-trust architectures are built by granting explicit trust that is continuously assessed based on identity and contextual risks. If such zero-trust principles can be extended to SaaS applications, policies would be designed, maintained, and monitored such that SaaS identities would never be implicitly trusted and always verified regardless of the location of the user. This zero-trust model for SaaS needs to be implemented using the just-in-time context of the application, data access, users, behavior, and events. It should be able to work together with the ZTNA controls to give security teams better mechanisms to prevent, detect, and react to attackers at the application level. These capabilities are collectively called Zero Trust Posture Management (ZTPM) for SaaS applications.
Cisco Secure Access and AppOmni SaaS Security Platform
Cisco Secure Access provides a robust, cloud-delivered SSE solution that is grounded in zero trust and delivers protected access from any user to any application. Cisco Secure Access simplifies IT operations through a single, cloud-managed console, unified client, centralized policy creation, and aggregated reporting. Extensive security capabilities are converged in one solution (ZTNA, secure web gateway, cloud access security broker, firewall as a service, DNS-layer security, remote browser isolation, and more) to mitigate risk by applying zero trust principles and to enforce granular security policies.
As a complement to Cisco’s zero trust access approach, AppOmni has implemented ZTPM principles to fill a critical void in traditional zero trust implementations by securing the application layer regardless of access location with unparalleled visibility into configurations, security postures, SaaS identities (human and machine), and user behaviors within SaaS applications. It ensures that the principles of zero trust are embedded deeply within the applications that manage and process vital business data.
Closed-Loop Zero Trust Implementation with Cisco and AppOmni
How ZTPM Complements ZTNA
While Cisco Secure Access provides seamless and managed access to internal and external applications based on identity and device posture, AppOmni extends this security through the application layer.
Cisco Secure Access delivers:
- Secure access to all applications including those involving non-standard protocols as well as those based on multi-channel and client-to-client architectures
- A single unified management console across all security modules
- Comprehensive ‘best-of-breed’ security capabilities, consistent rulesets, and entails a minimal learning curve
- Resilient cloud-native architecture with extensive end-user count scalability, efficient single-pass processing for faster responses
- Automatic load distribution and rebalancing of traffic fosters better performance
AppOmni ZTPM capabilities include:
- Visibility into data access configuration and least privilege within SaaS applications
- Security coverage for all SaaS identities (human and machine) i.e. external users, anonymous/ guest-users, and third party or cloud-to-cloud applications
- Application and identity-aware threat detection to monitor user behavior of internal and external users
- Continuous security of application posture, configuration drift, and critical application components of SaaS applications
- Identify and mitigate misconfigurations such as side-loaded accounts or misconfigured Single Sign On (SSO) that may allow bypassing of ZTNA controls and protect your users from password attacks and account compromise
Continuous visibility into app configurations and activities enables a critical feedback loop in a zero-trust architecture. This approach uses a user’s permissions, data access entitlements, and behaviors to dynamically adjust security measures or to terminate access based on suspicious activities.
Additionally, AppOmni enhances the integrity of the ZTNA capabilities provided by Cisco Secure Access by identifying potential application misconfigurations that could lead to bypassing ZTNA controls. By implementing zero trust principles across their applications, customers can detect unmanaged accounts, inadequate IP restrictions, and other security vulnerabilities. Such proactive identification helps user and access settings from undermining ZTNA protections, thereby safeguarding users and data against phishing and other attacks.
Source: cisco.com
0 comments:
Post a Comment