Nader Baghdadi, Regional Sales Director META & Raja Ukil, SVP Sales and GSI partnerships at Color Tokens, tell Tahawultech in an exclusive interview why Micro Segmentation is important to reduce the attack surface to a minimum while ensuring the prevention of any unauthorised lateral movement.
Tell us about the importance of GISEC for color tokens and what does it mean to be participating this time?
GISEC is extremely crucial for us, to connect with partners and customers and showcase our offerings. It’s a huge privilege and this year, it feels great to see such enthusiastic participation from everywhere.
Tell us more about Color Tokens as a company. What do you focus on?
We’re an American vendor based out of California and we’re specialists in the domain of micro segmentation, which falls under the umbrella of zero trust architecture. So, the technology pieces we’re offering right now relate primarily around the data center and endpoints and how to protect the crown jewels of an enterprise or an estate. How are we different from other vendors? We are very agile on understanding customer needs and deliver what they’re looking for. Micro Segmentation is not a new concept and it has been there for some time. However, the evolution of cloud has really enabled us to reach a better stage and a higher levels of competencies.
Can you elaborate more on Micro-Segmentation
Micro-segmentation is a security practice that aims to make security as granular as possible. It is achieved by dividing the network into isolated segments so that the traffic to each segment can be monitored and controlled.
The purpose of micro-segmentation is to reduce the attack surface to a minimum while ensuring the prevention of any unauthorised lateral movement. Depending on the approach used, security engineers could create secure zones to isolate environments, data centres, applications, and workloads across on-premise, cloud, and hybrid network environments.
The reasons for successful security breaches are multifold and can be attributed to the changing threat landscape. The traditional castle-and-moat approach of creating a security perimeter has repeatedly shown to be ineffective against advanced threats that are able to breach the perimeter. With an increasing number of companies migrating applications to the cloud and providing ecosystem partners access to these applications, it is becoming harder for security professionals to even define a perimeter.
The perimeter approach was based on the premise that the threat originates outside the network, which is why most perimeter security solutions (IPS/IDS/Firewalls) focus only on North-South traffic. However, over 75 percent of network traffic is East-West or server-to-server, which is largely invisible to security teams. Any threat which is already inside network can move laterally and remain undetected for days or even months.
Tell us about your Middle East or regional plans and operations.
So I started not too long ago. It is a matter of great honour to really set up the business here with the support of the wider team and the senior management, and in the US and India as well. Right now we are in the face of expanding our footprint in terms of recruitment. So that’s a very key element to our success. We will be recruiting potential candidates across crucial areas like sales, technical expertise and solution architects.