Here at Cymbel we help our clients reduce the risks of data breaches by leveraging innovative technical controls. We surely understand the people, process, technology triad. In the last few years we’ve been able to use innovative InfoSec technology to drive improvements in process and improve the security team’s efficiency and effectiveness.
Here are several examples:
#1 International expansion drives non-signature based Endpoint Security
Issue: A company expanding internationally was concerned about the increased risk of compromises of their employees’ laptops.
Solution: The company implemented a non-signature based endpoint malware prevention control that blocked every attack launched during a pen-test bake-off with no disruption to installed applications.
#2 Deployment of VoIP drives next-generation firewalls to reduce attack surface
Issue: A company decided to deploy a new VoIP communications/collaboration system which required opening thousands of ports on their perimeter firewalls. While the ports are opened specifically for the VoIP application, the security team has no way to limit the traffic on those ports to the VoIP application.
Solution: The company deployed next-generation firewalls, which enable the security team to implement a Positive Control Model on those open ports, that is, policies that ensure that only the VoIP application uses the ports opened for it.
#3 Increasing risk of compromised datacenter applications drives ring fencing
Issue: A company’s core line-of-business application components are not well segmented. The risk is that any penetration of the datacenter could lead to a breach of this application. Furthermore, the security team has no visibility into the east-west traffic in the datacenter.
Solution: The company decided to “ring fence” this application without making any datacenter infrastructure changes. The security team also got visibility into the traffic among the application’s components, and the ability to securely shift components to the cloud to improve scalability.
#4 eCommerce app directly connected to SAP drives web app security
Issue: A company decided to deploy a new eCommerce application directly connected to their SAP back-end, thus creating the risk that an application vulnerability can lead to a compromise of the backend SAP databases.
Solution: The company deployed a web application security control that was easy to implement, would automatically keep up with development changes, and would not interfere with marketing analytics.
#5 The need to detect compromised datacenter workloads drives honeynets
Issue: A company was concerned about a lack of datacenter visibility and the risk of undetected malicious east-west traffic.
Solution: The company deployed a honeynet detection control with virtually no false positives.
#6 Increasing remote and mobile workforce drives the need for a cloud-based proxy solution
Issue: The mostly remote and mobile workforce of a company suffers from low productivity and morale due to the high latency of backhauling all Internet traffic through an on-premises proxy server. Many of these people have, on their own, implemented split tunneling on their laptops and therefore depend only on their endpoint anti-virus solution for malware prevention.
Solution: The company implemented a cloud-based proxy service, which dramatically reduced latency and improved malware prevention.