leveraging channel resources Meet TBI Jeff Newton Joe Fizor Vice - - PowerPoint PPT Presentation

The New Approach to Security leveraging channel resources

CYXTERA TECHNOLOGIES |

Meet TBI

Jeff Newton Vice President of Enterprise Sales linkedin.com/in/jeffmnewton/ Joe Fizor Solutions Engineer linkedin.com/in/joefizor/

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

3

Founded in 1991 Established as a Master Agency (technology distributor) 225 employees Chicago HQ, International Sales Best-in-class technology solution for complete connectivity All we know is B2B Agnostic consultation on data, network, voice, cloud, mobility and security

TBI as a Resource

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

4

As a Master Agent. A technology consultant. Direct agreements with 100+ solution providers For channel partners: supplying organizations a recurring revenue model

Consultants Value-added Resellers (VARs) Managed Service Providers (MSPs) Software Developers System Integrators

For end-users: SMB, Mid and Enterprise consultation and sales for telecommunications and cloud technologies

TBI as a Resource

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

Empowering selling partners to solve their customers’ technology needs through:

Training

• TBI University - certification program, partner experience liaison,

training events and stewardship Marketing

• Sales enablement tools, white label solutions, collateral, case studies,

promotions Back-office, sales support and operations

• Back-office, operational support, highly technical Telco, Cable and Cloud

pre- and post- sales support, provisioning, installation and commissioning Finance

• Transparent commission tracking, proactive management and

troubleshooting

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

Our Partners’ Security Appetite

6

Recently we conducted a research study of our partners business needs, investments in education, portfolio additions, etc.

• 50% of respondents citing security as having the greatest potential for industry influence, transformative

power and revenue generation.

• Virtually all respondent companies (95%) are currently investing in emerging technologies. By 2020,

more than three-quarters of respondents will be investing in security, and more than half in private cloud solutions.

• Security is included in more than two-thirds of respondents’ portfolios, followed by hybrid cloud

solutions, which are part of nearly half of respondents’ respective portfolios, and one in three currently

• ffer SDN/SD-WAN and/or IoT solutions. By 2020, more than three-quarters of respondents will be

investing in security, and more than half in private cloud.

How a Software-Defined Perimeter Prevents Malicious Insiders, Over Privileged-Users and Compromised Third Party Access

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

The Threat is REAL…

Percentage of data breaches due to insider threat vary…

10

…but regardless of the number, the threat is real!

Celent (2008)

60% 36%

CSO Online (2013)

39%

Forrester (2012) Ponemon Institute/ Symantec (2012)

39%

Online Trust Alliance (2015)

29%

Central European University's Center for Media, Data and Society (2014)

57%

How are Networks Vulnerable Today?

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

Yesterday’s network security doesn’t address today’s IT reality

12

Perimeter security has remained largely unchanged for the past 2 decades.

1996 2017

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

VPN -It Isn’t Working…

13

• VPNs Do NOT Equal Secure
• Over-Privileged and Off To The Races

“60% of enterprises will phase out network VPNs by 2021.” - Gartner

VPNs – It Isn’t Working…

KEY ISSUES:

• Lateral Movement
• Horrible User Experience
• Not Built for Cloud

CHALLENGES CREATED:

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

14

Firewalls - It Isn’t Working…

Traditional Firewalls – It Isn’t Working...

• Static - Configure and Forget
• Ports and Addresses, Not Users

KEY ISSUES:

• Over-Privileged Users
• Exceptions Proliferation
• Complex, Difficult to Manage
• Not Designed for Cloud Architectures

CHALLENGES CREATED:

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

Its Complicated Complicated setup and management Show Me The Money Generally very expensive and proprietary solutions. It Takes a Village LOTS of components and add-on solutions for it to work.

Network Access Control

15

NAC

NAC – It Isn’t Working...

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

Common Weaknesses of Current Solutions…

16

Users are NOT IP Addresses or Devices Connect First, Authenticate Second Static Controls for Dynamic Environments The Perimeter has Changed…and Continues to Change The Bad Guys are Not Just on the Outside…

1 2 3 4 5

We Need a New Approach…

CYXTERA TECHNOLOGIES | 18

A better approach to network security: Software-Defined Perimeter

1

Identity-centric

User- or device- based access control Integrates with directory services and IAM Context sensitive

Zero-trust model

Authentication before connection Dynamically-provisioned 1:1 connectivity Unauthorized resources completely dark

2

Built like cloud, for cloud

Distributed, stateless and highly scalable Programmable and adaptive Dynamic and on demand

3

Colocation

CYXTERA TECHNOLOGIES | 19

SDP: An industry consensus

SDP enables organizations to provide people-centric, manageable, secure and agile access to networked systems. It is easier and less costly to deploy than firewalls,VPN concentrators and other bolt-in technologies.”

“

Legacy, perimeter-based security models are ineffective against attacks. Security and risk pros must make security ubiquitous throughout the ecosystem.”

“

BeyondCorp doesn’t gate access to services and tools based on a user’s physical location

• r the originating network; instead, access policies are based on information about a

device, its state, and its associated user.”

“

The SDP security model has been shown to stop all forms of network attacks including DDoS, Man-in-the-Middle, Server Query (OWASP10) as well as Advanced Persistent Threat.”

“

CYXTERA TECHNOLOGIES |

How Does a SDP Work?

Software-Defined Perimeter Traditional TCP/IP

Not Identity Centric – Allows Anyone Access Identity-Centric – Only Authorized Users

“Connect First, Authenticate Second” “Authenticate First, Connect Second”

CYXTERA TECHNOLOGIES |

The Application View

21

Executives Marketing Human Resources Research & Development Sales

CYXTERA TECHNOLOGIES |

The Network View

22

Executives Marketing Human Resources Research & Development Sales

Users have too much network access… Need to eliminate the gap between network and application security

CYXTERA TECHNOLOGIES |

What Does a SDP Look Like?

Individualized perimeter for each user Fine-grained authorization for

• n-premises and

cloud Contextual awareness drives access and authentication Simplify firewall and security group rules Dynamically adjusts to new cloud server instances Consistent access policies across heterogeneous environments

23

CYXTERA TECHNOLOGIES |

Why Deploy Software Defined Perimeter

24

Secure High Risk Users and Assets Alternative to Traditional Network Security Secure and Compliant Cloud Deployments

• Simplify network
• Reduce firewall rules
• Eliminate NACs or VPNs
• “Crown Jewels”
• Third-party access
• Privileged users
• Extend to AWS & Azure
• Manage users, not IP addresses
• Improved compliance reporting

CYXTERA TECHNOLOGIES |

Operational Benefits of SDP

25

Social healthcare site reduced the number of firewall rules by 90% Multinational retailer reduced the FTEs managing firewall rules from 52 to 13 Governmental agency reduced FTEs managing access to key systems from 8 to 1 for over 15,000 users Financial services reporting body reduced audit prep time from 2.5 months to 17 days Cyber security consulting firm eliminated redundant firewalls and VPNs into remote offices Global 50 financial replaced Cisco ISE to avoid $20K per switch upgrades as they expand

90%

8 1

SUMMARY

CYXTERA TECHNOLOGIES CONFIDENTIAL | PROVIDED UNDER NDA

Summary

27

Insider threats are in your Network

• The perimeter is not a

unbreakable wall, as it was in the past. It is fuzzy (at best) and constantly changing.

• At least a quarter of all data

breaches are due to an insider threat.

• The threats are not just on the
• utside anymore.

Today’s Solutions Do Not Work

• Firewalls, VPNs and NAC

solutions are yesterday’s technology, and unable to meet today’s insider threats.

• The dynamic nature of users and

cloud infrastructures demand an easier to manage, more flexible, and scalable solution.

A Software-Defined Perimeter Solves!

• Creates a dynamic,

individualized perimeter for each user and user-session – a network “segment of one”.

• Entitlements can be modified

dynamically as necessary to meet environmental changes.

• One solution to address security

and compliance challenges – on premise and in the cloud.

CYXTERA TECHNOLOGIES |

TBI is an Agnostic Resource

We offer several vendor-agnostic resources on security including our:

SDWAN Comparison Guide Security EBook Vendor-Agnostic Security Training