The Covid-19 pandemic has been a game changer for the world. As we emerge from this by adapting and finding a way around some tough situations, most organizations have changed their working model from an office centric operation to a more “Work from Home” scenario. While this big change in our mindsets and actions has helped salvage our overall productivity, it has opened the systems to some serious cyber threats, owing to the sudden expansion of the network perimeter. Most traditional security solutions that exist today were not made keeping such diversity in mind and hence, the need for a new and more relevant thought process and action.

Challenges with traditional security solution approaches


  • Work from home needs to accommodate employees working round the clock over diverse geographies, the traditional network perimeter has expanded exponentially; and most solutions are not geared to support this diversity natively 
  • Resource allocation and access for employees needs a different level of verification and identification along with close quarter monitoring of the access protocols.
  • Cyber threats for wide perimeters were never accounted for in traditional solutions.
  • Existing processes on traditional security systems do not lend themselves to a desired “Zero Trust Model”
  • Efficient segmentation of the network to protect it from malicious attacks but still provide access to legitimate users in a dynamic environment is a complex and difficult task
  • No guarantee that each endpoint, user and device in the network is secure, especially with the growth in devices due to work from home.
  • Existing firewalls may not be completely tuned for secure access via dynamic public service providers
  • Lack of proper logging and monitoring of network traffic for continuous visibility
  • Burden on IT budgets and resources due to high cost and cumbersome deployment
73560954-s.jpg

The Secure Shield  Advantage


Micro-segmented access for precise application connectivity

aws-s1.jpg

One of the biggest advantages of using Secure Shield is that is provides a granular, micro-segmented access to only authorized users who may be accessing the core resources and applications from just about anywhere in the world. The system administrators can thereby easily enforce and manage granular micro-segmentation policies that control end user access to applications and services. Secure Shield provides a multi-dimensional control for traffic and resource utilization without the risk of reviewing every process and its various stages.


Digital asset security on-the-go

52328787-s--1-.jpg

The core architecture design of Secure Shield is natively distributed, resilient, and based on Zero Trust, Software Defined Perimeter (SDP) architecture and Private Blockchain technology. This cutting-edge architecture renders enterprise systems and cloud servers invisible to hackers, thereby making it almost impossible for hackers to discover and attack these systems. Secure Shield  provides holistic security by securing the servers, providing user and device authentication, as well as encrypting the communication.

 

Multiple device coverage through digital verification

AWS-3rd-image.jpeg

Moving away from a centralized enterprise system opens the possibility of multiple devices logging into the same system, that may even mean accommodating various IPs and most of these may not be pre-mapped with user IDs. In such a scenario, Secure Shield helps to authoritatively identify the user over multiple devices using digital verification and network admission control through posture assessment that relentlessly guards against and terminates unwarranted access that may pose a threat to the organization.

Authentication and dynamic access based on digital ID

AWS-4th-image.jpeg

Secure Shield creates, maintains and compares various digital identities over a period of time that have access to multiple applications and acts as a gatekeeper for verified profiles only. This completely eradicates the risk of device changes, network changes and even IP changes based exclusively on its multi-level digital ID verification. This makes it easy for one to detect ill intended access to your enterprise network.

Access to resources on any public cloud without a VPN

AWS-5th-Image.jpg

Empowers organizations to securely provide direct simultaneous access to applications hosted on multiple public cloud environments from authenticated and authorized remote user devices over the internet – without the need for a VPN solution being deployed in each environment.

Audit and review all logs

AWS-6th-image.jpeg

All access logs are stored on the blockchain, making it immutable and tamper-proof, thereby ensuring complete visibility in case an adversary should attempt to access the systems in an unauthorized manner or an administrator enforces an unauthorized change. Secure Shield performs continuous logging and monitoring of network traffic for complete visibility and control of ‘who has what access’.

Secure Shield  Architecture for Remote Access

Secure Shield provides a natively distributed security architecture which helps lock down the servers, irrespective of whether they are inside or outside the organization’s perimeter. It provides secure user and device authentication and authorization, encrypted communication between the user and server, and protection to servers and applications not only from known but also unknown vulnerabilities.

The Secure Shield controller (Identity and Access validation nodes) has an embedded private permissioned blockchain and stores the following information:
a. Policies that grant access to a resource (application) for a given user and device combination
b. Users and digital IDs
c. Access logs
d. A real-time access map depicting the access policy and resources currently being accessed
e. Dashboards and reports
End user agents are deployed on the user devices to authenticate both user and the device. The lightweight user agent ascertains that it is indeed a legitimate user who requires access to server, and the device is approved to access the server.
Resource agents are deployed on the application servers in the data center or on the Cloud. The server agent locks down the server to such as extent that the server becomes invisible and only authorized users from authorized devices can access the server.
A Zero Trust gateway can also be deployed to secure access as an alternative to deploying agents on servers.
While a legitimate user is accessing the server, the server continues to remain invisible for the other systems on the network and thus the protection is always maintained. Multi-factor authentication and user device mapping ensures that the user credentials cannot be phished, and the user cannot be impersonated. Thus, Secure Shield solution ensures that only the approved users can have precise access to applications from approved devices.
WORK-frm-Home.png

Why choose Secure Shield for Work from Home?

ai1.png
Offers comprehensive Zero Trust security for internet-based open perimeter access synonymous to WFH
ai2.png
Delivers Zero Trust protection in five out of the seven areas recommended by Forrester’s Zero Trust Framework
ai3.png
Offers a robust Software Defined Perimeter (SDP) architecture that renders critical information systems on the cloud invisible to attackers
ai4.png
Delivers a new breed of digital identity and access control for all users and connected devices by means of customized light-weight agents along with Blockchain technology
ai5.png
Block Armour accelerated by Airbus and is a part of the Microsoft for Startups program. Featured as one of the top 25 cybersecurity innovations by Accenture
ai6.png
Promoted by Ministry of Electronics and Information Technology (MeitY) and Data Security Council of India (DSCI) in India as a trusted work from home security solution