Network Security – A Patchwork Quilt Bursting at the Seams

The majority of organizations today have a highly complex, segmented security infrastructure that is difficult to manage and prone to gaps. Different products are responsible for securing different parts of the network, and the lack of a cohesive central product capable of controlling and communicating with all the different elements makes organizations vulnerable to attacks. The result is a spider web of autonomous products that is expensive to maintain, difficult to manage, prone to breaches in security, and very difficult to update or modify safely.

Why is network security so disorganized?

Network security has evolved unevenly to patch vulnerabilities that are discovered when a new feature or product is incorporated into the network. As organizations add new features like access to Cloud services, Bring Your Own Device capabilities, or secure remote access, they require new products that allow them to provide these enhancements in a secure manner.

A game of cat and mouse

It’s nothing new: network security has been a game of cat and mouse since people started connecting computers together decades ago. ARPANET, the precursor to the modern internet, had approximately 60,000 computers connected together in 1988 when a student from Cornell University, Robert Tappan Morris, released a worm that caused denial of service on approximately 10% of the connected machines. Widely considered the first attack on the “net”, it also marks the beginning of computer security as we know it: the first firewall soon followed to prevent similar future attacks.

The internet has grown exponentially since those early days, and with that growth has come a multitude of new opportunities for hackers, which in turn has necessitated the development of new security products to counter them. Each time the network is modified or enhanced, somebody finds a way to compromise it, somebody else detects the infiltration, and finally a product is released by somebody else that secures the network again. An example of this repetitive product life cycle is Mobile Device Management (MDM). As mobile device use became increasingly ubiquitous, supporting mobile devices became vitally important to companies. A range of MDM products was released which allowed organizations to incorporate mobile devices into their networks in a secure manner. IT departments added these new separate products to their already complicated web of products, thereby inheriting another new layer of complication. To make matters worse, these MDM solutions are only concerned with mobile devices; they by and large ignore desktops and laptops and even corporate machines inside the company. MDM is just a small component of an organization’s technology infrastructure. Most organizations have many other separate stand-alone technologies in addition to MDM, such as firewalls, VPNs, SSL/VPNs, IDS/IPS, anti-virus, anti-spyware and application firewalls, to name just a few.

Too much confusion in IT Security

Too many products that don’t communicate with each other and need to be managed separately: that’s the current reality for IT departments at most organizations today. It’s not really a surprise. Innovation has occurred unevenly and at such a fast pace that securing these new innovations has often been an afterthought, only contemplated after the discovery of a breach. The best security firms have been able to do is develop unique products that offer solutions to existing problems. They have not been able to develop a single cohesive solution that is capable of managing all aspects of network security.

Having a single product that addresses the entire network security infrastructure as a whole should be the goal of any organization serious about security. A single product is far easier to administer and such a product would empower organizations with information they wouldn’t otherwise have access to. An admin could easily look up what is being accessed, with what device, at which location and with what frequency, from one central portal. Such an organization would have the ability to compare and analyze data in a cohesive manner not available to a typical organization burdened by a plethora of different security products. The data is always there, but without a single cohesive product it’s very difficult to compare and analyze it.

Why is a cohesive solution to network security so difficult?

Developing an all-encompassing product that can be deployed over multiple locations and that combines technologies like VPN, MDM, single sign-on, Cloud access, application acceleration, portal-based access, and GEO IP Intelligence takes a lot of resources and know-how. Most companies with the resources to tackle such a solution run into major conflicts with their own successful legacy solutions that they are reluctant to cannibalize. Why build a new all-encompassing solution when you are already a successful vendor of an MDM solution, a VPN product and a single sign-on product that don’t communicate with each other? Smaller companies are restricted in a different way: they don’t have the resources required to build an all-encompassing solution and often focus on single innovations that allow them to gain a foothold in the market.

Portsys Total Access Control (TAC) – The only unified solution to your network security

At Portsys we recognized that there had to be a better, safer, and more efficient way for an organization to manage its network security from top to bottom. After years as a principal provider and supporter of Microsoft Forefront UAG installations across the globe, we focussed our experience and energy on building an all-encompassing network security solution that serves not only as a replacement for Forefront UAG but as a major enhancement of it. Instead of offering many different products that can’t communicate with each other, TAC is a single robust solution that allows users to securely access any application, from any device, anywhere, with only one set of credentials.

How TAC revolutionises corporate security

In today’s fast-paced, always-connected digital world, companies need to provide their staff and consultants with a secure, stable, and user-friendly way to access all company applications from anywhere with any device. At the heart of the TAC Gateway is a proxy that sits between internal company applications and the internet. Before users can access their Exchange email, a PowerPoint presentation, a Cloud-based app, or any file stored on company servers, they need to log in to TAC. A user can log in from any device, whether corporate or BYOD, using a unique multi-factor authentication method that uses easy-to-remember pictures instead of annoying one-time tokens. The end result is a user-friendly secure login not susceptible to brute force attacks.

Once a user is logged in, TAC dynamically assigns access permissions based on the device used and its condition. To put it simply, a user accessing an application from a company desktop at head office is a very different use case from that same user accessing the same application from their smartphone at a cafe. Portsys defines this dynamic process of granting user access permissions in real time as “Context of Access”. Context of Access could dictate that a user with permissions to view and edit files at their office workstation could only view files from home. Context of Access can also enforce the use of specific antivirus programs or operating systems by denying access to non-compliant devices.
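The context-dependent decision described above can be sketched as a small policy function. This is an added example, not Portsys code or the TAC policy model: the names Context, LOCATION_CEILING and effective_permissions, the rule that unmanaged devices are capped at view, and the default-deny handling of unknown locations are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical names throughout; this is not Portsys TAC's policy model or API.
@dataclass(frozen=True)
class Context:
    location: str          # "office", "home", or anything else
    managed_device: bool   # corporate machine (True) or BYOD (False)
    av_ok: bool            # approved antivirus present and current
    os_ok: bool            # operating system on the approved list

# Most a session may receive per location (assumed values that mirror the
# article's example: view and edit at the office, view only from home).
LOCATION_CEILING = {
    "office": frozenset({"view", "edit"}),
    "home": frozenset({"view"}),
}

def effective_permissions(role_perms, ctx):
    """Return the permissions granted for this session, given role and context."""
    # Non-compliant devices are denied outright, whatever the role.
    if not (ctx.av_ok and ctx.os_ok):
        return set()
    # Unknown locations get an empty ceiling: default deny.
    ceiling = LOCATION_CEILING.get(ctx.location, frozenset())
    # Assumption: unmanaged (BYOD) devices never get more than read access.
    if not ctx.managed_device:
        ceiling = ceiling & {"view"}
    # Context can only narrow what the role allows, never widen it.
    return set(role_perms) & ceiling

if __name__ == "__main__":
    editor = {"view", "edit"}
    # Constructed sample sessions for the same user role.
    sessions = {
        "office desktop": Context("office", True, True, True),
        "home laptop": Context("home", True, True, True),
        "cafe smartphone": Context("cafe", False, True, True),
        "office, stale antivirus": Context("office", True, False, True),
    }
    for name, ctx in sessions.items():
        print(name, "->", sorted(effective_permissions(editor, ctx)))
```

Because the result is an intersection of role permissions and the context ceiling, a misconfigured or missing context entry fails closed rather than granting the role's full rights.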

TAC combines technologies like VPN, MDM, single sign-on, Cloud and local application access, application acceleration, portal-based access, and GEO IP Intelligence, and is capable of managing local or multi-location deployments around the world. Total Access Control increases security and reduces vulnerabilities, but even more importantly, it simplifies security for end-users and administrators alike by offering a single solution, instead of multiple solutions, to a long list of current and future problems.