1. Citrix is proposing a new approach called the Secure Digital Perimeter (SDP) to address security challenges in a world where work is distributed across SaaS apps, cloud services, and remote users.
2. Traditional security approaches focused on protecting networks and resources within organizational perimeters but SDP takes a people-centric approach that follows users across devices and locations.
3. SDP provides simplified control, 360-degree visibility, and intelligent analytics across networking and security services to minimize attack surfaces and gain compliance while allowing access from any device.
18. 1. Contextual and secure access
2. Mobile and device security
3. User security and malware protection
4. Secure collaboration with content security and
intellectual property (IP) protection
5. Governance, risk and compliance
6. Business continuity and app security
7. User behavior analytics and proactive security insights
Citrix SDP provides …
So, what are we going to talk about today. First, we are going to go through the new approach to security that encompass the new secure digital perimeter.
Now, let’s dive into the SDP story.
Work is now distributed.
Users are working from anywhere. Branch offices, remote locations like home, hotel, or anywhere, not only the corporate offices.
They are using applications from on premises, SaaS, or other web or cloud accesses but still need to reach their traditional applications and services within the data center.
Now IT and Network professionals need to think in a differently.
And the point solutions available to deliver apps and content securely and reliably only add to this complexity.
4.268 La TI y los profesionales de seguridad de TI encuestados en 14países
Attackers have an increased motivation driven by financial / monetary value of an attack
Enterprises are targeted by state-sponsored attackers. Average time to discover a breach is around 200 days
SMB and consumers are targeted by ransomware
There is a shortage of security experts/skills
More than 1 million unfilled security jobs
70% of companies plan to increase the size of they cybersecurity teams by 15% or more
Compliance checklist is not considered sufficient anymore
“Surface Area” is becoming too vast for traditional security approaches to remain effective
When everything is connected, security is everything
New ways of working (multiple user locations/devices) and new locations where data is stored (cloud, SaaS etc.)
With complexity being the biggest enemy of security, a completely new approach is required…
Three quarters of enterprises agree that a new security framework is needed to address the cyber threats of today. Things like app and cloud sprawl, BYO devices, IT complexity, and the addition new attack vectors.
We start with the ‘what’ – the Digital Workspace – and use it’s constructs to define what should happen within it. This defines ‘where’ to apply policy, and not just some arbitrary points within the infrastructure
Rather than focus on conventional ‘threat’ centric perimeter protection, focus on ‘user’ centric controls to prevent malicious behavior – threats are unknowns, focus on what you know, the user
Rather than ‘force the user’ into discrete points where Security Policy can be applied, have the Security Policy ‘follow the user’, wherever they are – in the world of Cloud the user can be everywhere
We used to focus on ‘zones’ (trusted zone, DMZ, Intranet zone etc.). A user-centric approach focusses on what we know– using ‘context’ we know the user – and their real-time interactions, with the network, apps and data
Rather than rely on a vast number of doors and ‘locks’ that attackers will probably breakthrough anyway, build a system of ‘detectors’ that an attacker must evade – if one gets flagged it’s game over for the attacker
Complexity is really hard to tame but it's also where Citrix can help. Really helping organizations deal with the complexity and pull it together, in a way that creates this new software-defined perimeter and also enables the easy access for people wherever they are around the world, whatever device they come in, to give them contextual access to the apps, information and resources they need.
Whether it's a cloud technology coming from one of many clouds, or whether it's traditional on-prem technology, or whether it's mobile technology, they need to access it all in a simple, contextual way, and that is precisely what we do.
On one side, IT needs to manage all of those devices and control the policies for access. You need to manage all of the apps, and need to modernize them. We know that app modernization is one of the biggest hurdles that IT organizations face. You also need to have full visibility, and that is the way to turn your company into an intelligent organization.
For the end user, for people at work, the most important thing is the unified experience enabling them to access their workspaces. It needs to be familiar and fluid. From the moment they get into the workspace, they need to feel like they have access to everything that they need.
recording and aggregating logs and transaction flows between user, apps, devices, content and network