Defining the New Standard in Secure Access To Cloud Infrastructure

 

Introducing the Appaegis Enterprise Access Browser 

 

According to the Cyber Resilient Organization Study from IBM 59% of organizations had over 30 security tools. Fragmented IT and security infrastructure (65%) and lack of visibility into applications and data assets (60%) ranked #2 and #3 as causes for lack of improvement in cyber resiliency. Clearly there is a mismatch between the number of tools and the efficacy of the solutions. So many security solutions, so little visibility.  

 

This serves as the backdrop for the launch of our Enterprise Access Browser. Let me explain.  

 

So Many Security Solutions  

The security industry has been long plowed with a mystery, why are so many solutions required to secure users’ access? Most organizations use a combination of 5 solutions to secure access. They use virtual private networks (VPN) to secure remote network access. Zero-trust network access (ZTNA) solutions to secure private access. Cloud access security broker (CASB) to secure SaaS application access. Secure web gateways (SWG) for internet access, and Virtual desktop infrastructure (VDI) for high-risk contractors.  

 

Organizations pick the tool depending on the type of users and criticality of applications. Yet they all serve a similar purpose – secure user access. The solution proliferation is driven by increasing cloud adoption, growth in remote workers and increased reliance on third parties and vendors. But the solutions are not optimized for the users and enterprises. Security teams need to deploy and integrate multiple solutions to meet basic security requirements.  

 

A key contributor to complexity is that users don’t access only one application type – like SaaS or internal applications only. They need access to a combination of internal applications, SaaS applications, and the Internet. Even Gartner acknowledges this reality and proposes the notion of a secure service edge (SSE). SSE offers a framework for vendors to assemble products together to create an SSE platform. However, SSE platforms don’t address a key security gap – the need to track and control the identity and data across all access.   

 

Blindspot to Identity Prevents Achieving Zero Trust 

Existing solutions have one big issue – they cannot see the identity used to login to the web applications, nor enforce the identity used to access internal networks. For Zero Trust for access, enterprises must have the visibility and control of where users have access, the identity used for access, and the data being accessed. It’s plain and simple. Without visibility into Where, Who, What of access, organizations cannot control or secure access. And without visibility into identity, they cannot achieve zero trust access.  

 

And there is no current solution that can effectively control network, identity, and data associated with access. Further, applying principles of zero-trust – never trust, always verify –  

without visibility and control of network, identity, and data, is impossible. 

 

The Root of the Limitation 

There are several reasons for the inefficiency in existing solutions and the secure access tool sprawl. The primary driver is that the solutions were developed based on networking layer technology, for a network-centric world. As topologies evolved, vendors developed a solution for each network topology. All the solutions were based on some flavor of man-in-the-middle technology.  

 

They all try very hard to translate the digits in the wire to understand the user’s activities. But modern web applications have shifted business logic to the frontend. What’s more, the username and password are always encrypted or hashed before being sent to the target resource. This means existing solutions can no longer monitor security information, such as the username for login, or the data downloaded in JavaScript. It's time to rethink the solution.  

 

The focus needs to shift to where user access originates – the source. Users need access the Internet and web, internal, and SaaS applications at all locations. They use the browser to access applications. They expect the traffic to be routed through the most optimized path to ensure agility and a smooth user experience. This means the browser traffic must go to these destinations without being redirected through a network choke point. 

 

What if we could build an access browser so enterprises have complete visibility and control of user activities? What if it included built-in smart forwarding of traffic to SaaS applications and the Internet? What if the solution was topology and application agnostic? 

 

Protecting User Access Where It Originates: Enterprise Access Browser  

Appaegis is launching an Enterprise Access Browser to eliminate the limitations. We have built the technology around the browser to monitor every interaction between users and applications. This ensures we have deep knowledge of content of the pages, username used to login, and files involved in the interaction.  

 

All the information could be easily retrieved from browsers without the need to decipher network packets. This enables complete visibility and control over user activities for web applications, regardless of network topology or application location.  

 

Appaegis Access Fabric leverages the enterprise access browser to intelligently forward traffic using the optimal route. Security for networking, identity, and data is monitored and enforced before traffic is sent to the Internet or to private applications. Network traffic is sent to SaaS application or Internet directly for shortest path, without adding any latency or impacting user experience. This eliminates slowness or bandwidth reduction experienced with other networking-based solutions. Enterprise can now enforce the needed security with complete visibility into access by third parties, contractors or vendors, through managed or unmanaged devices. 

 

The secure-at-the-source approach allows enterprise to enforce security where access originates – the browser. Whether users connect to internal applications, SaaS applications, or browses the Internet, enterprises can monitor and secure user access. They have comprehensive history of all activities. They can identify anomalies and answer critical questions, such as how many SaaS applications users accessed, or what files were accessed. 

 

Appaegis Enterprise Access Browser is redefining the standard for secure access to cloud infrastructure. It simplifies operations, secures data and protects against the spread of malware. Finally, a secure access solution that delivers visibility and control for a distributed workforce on any applications, from any devices anywhere.  

 

To learn more about Appaegis Enterprise Access Browser, please visit our website or talk to one of our security experts. 

Back to Blog

Related Articles

SSH Bastions Break Your Zero Trust Model

It’s a common practice to set up a bastion server to provide access to the host and then use that...

Contextualizing Zero Trust for Data Security

Zero Trust is often used to codify an approach to security. What it means for each individual...

Securing the Software Development Lifecycle with Zero Trust Architecture