Defense in Depth: Secure Access

What is the Holy Grail of secure access? There are many options, all of which are being strained by our new work from home model. Are we currently at the max?

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our sponsored guest is Rohini Kasturi, chief product officer, Pulse Secure.

Here’s a transcript of this episode.

Thanks to this week’s podcast sponsor, Pulse Secure

Pulse Secure offers easy, comprehensive solutions that provide visibility and seamless, protected connectivity for hybrid IT in a Zero Trust world. Over 24,000 enterprises entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance.

Got feedback? Join the conversation on LinkedIn.

On this episode of Defense in Depth, you’ll learn:

  • Multiple technologies, such as VPN, split-tunnel VPN, VDI, SASE, EDR, and secure management, are used in attempts to insure secure access. But given that secure access isn’t just about managing endpoints, but users, you also have to look at IAM.
  • We look to conditional access to provide more support than just full VPN access.
  • Argument that we are moving away from endpoints to identity as that’s the new perimeter.
  • SASE solution blocks by default, instead of allows by default, and requires permission for access. User is secured dynamically based on a combination of identity and device.
  • Would be great if secure access solutions were universal, but they vary country by country based on costs, availability, and regulations.
  • Secure access models must be user experience first. One possible play that works in this way is IAM + SASE + EDR + secure management.
  • Another factor that prevents the one-size fits all model for secure access is the complexity of stacks.

Defense in Depth