At this year’s Business Technology Expo (BTEX), CDW Canada’s Head of Cybersecurity, Theo Van Wyk delivered an eye-opening technology briefing on how organizations can ensure security in today’s ever-evolving workforce. With the drastic increase of phones, laptops and IoT devices relying on remote networks over the last few months, implementing proactive security measures is critical for Canadian organizations to limit exposure as much as possible. If you missed it, here is a recap on some security solutions and approaches Theo recommended to ensure your employees and company data are protected.
Zero Trust
Zero Trust is a framework that informs an organization’s approach to data security management by only allowing data access to intended users and devices. This is a great cybersecurity solution for Canadian organizations, whether remote or on-premise, as it works alongside essential elements like access control, malware prevention and identity verification. Benefits to Zero Trust adoption include:
- Identity and access management (IAM)
- Real-time monitoring solutions
- Endpoint security
- Vulnerability and patch management
- Asset and application inventory
- Security and incident detection
- Network and micro segmentation
- Secure remote connectivity
- Data loss prevention (DLP)
- Security orchestration, automation and response (SOAR)
Identity Access Management (IAM)
IAM is a programmatic approach used to manage identities and regulate access to data and services accordingly. This solution ensures all organizational elements are taken into consideration by applying to not only technology controls, but also an organization’s products, processes and policies through a combined approach to identity and access. Benefits to IAM adoption include:
Identity
- Identifies user and devices
- Allows granular enforcement of the access policy
- Single identity per user
- Authentication
- Multifactor authentication (MFA)
- Single sign on (SSO)
Access
- Authorization
- Role based access
- Principle of least privilege
- Privileged access management (PAM)
Endpoint Detection and Response (EDR)
EDR is a toolset focused on rapidly detecting, preventing, investigating and responding to threats or problems on hosts and endpoints. Ongoing monitoring and detection are facilitated through analytic tools to ultimately identify areas of improvement within an organization’s security measures – both internal and external. An effective EDR must be able to:
- Detect suspicious activity
- Prevent malicious or unwanted activity
- Support threat hunting
- Record incident related data
- Support alert triage process
- Allow response measures such as isolating an endpoint
Security Orchestration, Automation and Response (SOAR)
SOAR is a security process and toolset that enables organizations’ SecOps teams to orchestrate and automate their incident response workflows. It works by applying compatible software programs that allow an organization to collect data about security threats from multiple sources and respond to low-level security events without the need for human intervention. Benefits of SOAR include:
- Automates and orchestrates mundane, manual tasks
- Speeds up preparation for incident response by completing repetitive and predictive tasks
- Frees up expert resources
- Reduces the risk of human error
- Improves talent retention in a competitive market
- Integrates with existing security solutions through APIs
Secure Access Service Edge (SASE)
SASE aligns with Zero Trust concepts and effectively enables a cloud-based remote access solution that identify and authenticate devices and users, uniformly enforces security and compliance policies for devices and users, refines access data and services as determined by device and user context and continually evaluates identity authorization. Benefits of SASE include combining remote access controls and solutions such as:
- Wide Area Networking (WAN)
- Software Defined WAN (SD-WAN)
- Firewall as a Service (FWaaS)
- Cloud Access Security Broker (CASB)
While it may seem hard to believe, this is only the beginning of the digital age. New cybersecurity threats continue to emerge as remote work becomes increasingly normal, and CDW is committed to helping your organization ensure its employees and data are secure protected – both remotely and on-premise. Visit cdw.ca/security to connect with one of our experts today.
Be sure to bookmark this page for more coverage of BTEX 2020.
