The GDPR passed just in time to scare everyone who wasn’t taking data privacy seriously, and it seems that more and more European enterprises are taking the zero-trust model mainstream. In a recent Gigamon survey of enterprises, 67% of respondents said they were considering a zero-trust architecture, regardless of rumors that zero-trust hinders employee productivity.
How could it not hinder productivity? For those not in the know, zero-trust is exactly what it sounds like. Its success lies in leaving assumptions of security at the door, literally: no user or device is taken as trustworthy at face value or merely because correct credentials were entered. Zero-trust analyzes the network behavior of users and devices and allocates permissions and resources based on predetermined security policies. All data is encrypted, transmitted, and then decrypted and monitored: a few extra steps in the security chain, and the kiss of death for businesses that want to operate a zero-trust environment but choose the wrong vendor. Let’s learn a bit more about the decryption/encryption process before we decide which vendor will supply the right product for your business.
The most cutting-edge encryption standard is TLS 1.3, which assures that no data is viewed or rerouted between assets or in transit. TLS, or Transport Layer Security, ensures that all data sent over the internet, like passwords and financial information, is secure end-to-end. Without TLS encryption, all sensitive information sent over the internet would be vulnerable, just as it was in the early days of the internet when the world employed a total-trust model. The same encryption also means that malicious content or malware can pass through without being detected and spread among users and across the network. The growing number of work-from-home (WFH) and remote users, whose devices may be infected with malware, connecting back to their corporate applications also makes inspection a huge challenge, because this end-to-end traffic is encrypted.
TLS is vital to the new zero-trust architecture that IT security decision makers are implementing across Germany, France and the UK. Bassam Khan, VP of Product and Technical Marketing Engineering at Gigamon, commented: "With digital strategies pivoting to accommodate the economic uncertainty and unprecedented change caused by the new normal, security is only going to become a more prominent topic at the C-level. It is interesting to see that elements of the zero-trust journey are already being discussed, and hopefully this will continue, as board support is vital for the implementation and success of any zero-trust initiative."
Sangfor’s most recent Internet Access Management (IAM) update, 13.0.8, was designed to use Ingress Client to perform SSL decryption, a task which was previously impossible, using Transport Layer Security, or TLS 1.3. With Ingress Client, the server and client are separated from the main program, database and operation interface and spread across multiple workstations. If you are a bit confused, you aren’t alone. Suffice it to say that Ingress Client, supplemented by TLS 1.3, provides an extra layer of fast and easy-to-manage security and is vital to a zero-trust environment. Sangfor IAM supports both traditional man-in-the-middle decryption, between the device and server, and the newer ingress client decryption. The performance impact businesses are so worried about is around 20% with ingress client decryption, as opposed to 80% with man-in-the-middle decryption. So it’s fast, easy to manage, and provides unparalleled security.
Sangfor is an APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. For more information on Sangfor IAM or Sangfor’s many other Cloud, Security or Infrastructure optimization options, visit us at www.sangfor.com today, or email us at firstname.lastname@example.org, and let Sangfor make your IT simpler, more secure and valuable.