CNME Editor Mark Forker spoke to Omar Maayah, Technical Solutions Architect at Cisco, and Biju Bhaskaran, Pre-Sales Manager at Alpha Data, to learn how both companies kept enterprises secure during the COVID-19 crisis, the capabilities of its integrated security portfolio offering – and how Cisco’s latest security solution Secure X is enhancing customer experiences.
The ongoing global COVID-19 pandemic has forced businesses to transition their employees from a physical working environment to a virtual one. Many businesses aren’t equipped to keep themselves secure, and as a result their applications are vulnerable to cyberattacks. How can Cisco’s diverse suite of security solutions help enterprises to be better protected?
Omar: We’ve seen these security challenges for our customers for quite some time, and additional problems have arisen during the global COVID-19 pandemic. The issue isn’t just about the vulnerability of applications, but also about the increased number of users who are now working remotely.
We’re aware of all the challenges facing customers in terms of the attacks that are taking place against their vulnerable applications. The COVID-19 crisis has also forced businesses to not only request that their employees work remotely, but also that they migrate applications to public clouds.
The approach Cisco has taken since the beginning of the global health crisis is to create security offerings to help customers secure different aspects of their business. We packaged it in a way that was easy for them to consume. Essentially, it provides users with access to secure connectivity to infrastructures and a protection mechanism for their machines.
In terms of protecting the vulnerable applications, Cisco provides a different suite of solutions such as Secure Remote Worker, Breach Defense, Workload Protection and other solutions.
This helps customers to secure and protect their environments and workloads, as well as respond quickly to any type of attacks by integrating end-point protection solutions that can protect both the users and the workloads effectively. We created these different security solution packages and provided them to our customers free of charge during the COVID-19 period. This allowed customers to easily access these solutions that were specifically designed to keep their environments and their users protected at all times.
Biju: What we’re seeing with this pandemic is that it triggered both Alpha Data and Cisco to think outside of the box. As responsible technology providers to the UAE market, both companies provided solutions in order to enable customers to maintain business operations. We’re also evaluating and giving consultancy on long-term business continuity plans.
The combination of Cisco’s products and Alpha Data’s services team built a collaborative platform to communicate and ensure that the right security is achieved through their VPN services.
This is what we’re providing to our customers, and as security consultants and experts, we foresee that there will continue to be security obstacles within the current model of working remotely.
However, Alpha Data and Cisco are building the right cybersecurity blueprint to help our customers protect their key assets.
The general consensus in the IT industry is that a new security approach is required for modern data centers. How does the integrated portfolio offering from Cisco and Alpha Data deliver this, and is it complex to deploy the solutions needed to make your data center secure?
Omar: At Cisco, we’re not only providing customer security solutions, but we’re also providing a full data center solution, end-to-end from an infrastructure and security perspective. We don’t only deliver the technology itself, we give the customer a platform with the different components that are all integrated with each other.
We think about how the customer would operate that technology in its environment in a way that makes it much easier. From building the infrastructure itself and sharing the information between the different components of that architecture, to making it more agile and future proof. Our approach is to keep innovating and to continue building that type of technology to empower our customers.
We’re also aware of the fact that many of our customers might have multiple third-party providers. This means we need a trusted partner and system integrator, such as Alpha Data, who can work with us and the customer step-by-step to ensure that our technology is built, proposed and designed in the best way that can serve the customers requirements.
Biju: We’re showcasing to our customers how they can move their workloads to the public cloud. The technology team at Alpha Data is geared up to deliver these services, and we also have the right skillset on delivering automation services solutions – and possess the capabilities to move them to a hybrid cloud environment.
When clients move to the public cloud or hybrid cloud model there are cybersecurity guidelines’ they need to follow to ensure that their data and information is protected at all times.
As a strategic partner of Cisco, we’re working together to create the right security guidelines in order to keep our customers secure.
The term ‘Zero Trust’ is a recurring theme in the security ecosystem, but what does it actually mean, and what are the defining characteristics of a ‘Zero Trust’ approach to security?
Omar: Today, we have an explosion of IoT devices that are being introduced and connected to our environments, with users connecting from different locations using multiple devices. With the adoption of public and private cloud and moving workloads to different locations to improve scalability and agility, customers are beginning to ask some pressing questions.
Do we have full visibility? Do we know where the users are connected from? Is this user really who he says he is? Are these legitimate users trying to access the applications and are they authorized to view the data sitting behind it? Answering all of these questions is not an easy task.
We need to start with trusting, so let’s start with zero trust, and adopt an attitude which is “I don’t want to trust anyone”. I want to make sure that anything that will be connected, regardless if it was a user, an IoT device, or any kind of device that needs to be connected should be authenticated and validated. I need to make sure that I have full visibility and that I’m aware of who is accessing my data centers, applications and data.
At Cisco, zero trust is broken into three main pillars. We have zero trust for workforce. We use multi-factor authentication from Cisco Duo to authorize people and make sure that whoever is trying to connect is validated and authenticated. We also have zero trust for workloads and zero trust on work location.
We can secure the locations where the users are connected either by providing a specific secure VPN connection, or by ensuring we have proper authentication and segmentation approach if they’re headquartered in our offices. We provide different segments for each set of users and devices.
Can you tell us what the unique capabilities of Cisco’s umbrella is in terms of its ability to provide cloud-delivered security?
Omar: Umbrella is one of the main pillars in our security offering to our customers. It’s our first line of defense and delivers security to the customer. It is a DNS-based solution that actually looks at the first packet. When you’re browsing the first thing that is initiated from your machine is a DNS query.
Umbrella examines that query and tries to determine the domain you want to reach. If it’s related to any kind of malicious activity that we know is currently active, then we can immediately block that request on behalf of an organization.
The beauty behind Cisco Umbrella is that it’s a cloud-native solution and it has a security that will follow the user wherever he goes. That gives organizations the full flexibility to adopt and enhance their remote working model by putting security as a priority.
What is Secure X and how can it help customers to be more efficient and proactive responding to threats?
Omar: Security X is the latest addition to our security family. It is a platform that we’re offering to any Cisco customer who has a Cisco security solution. If you look at what is a happening in the customer’s environment, right now they’re acquiring different security solutions to make sure that they are protected against the evolving and dynamic type of threats that we see in the market on a daily basis.
That creates a lot of pressure for the customers in terms of operating those different solutions, sharing the intelligence around what each and every solution is capturing and ultimately protecting the customers. This is a huge task for customers, especially when it comes to integration.
Cisco is delivering different types of solutions and want to help the customer to reduce the complexity of getting multiple security products integrated natively. Security X is going to ingest and show the customer everything captured and detected through Cisco security products on one single dashboard. And to top it off – we can integrate with third party tools to enhance the customer experience.