Cryptzone has announced the launch of an access management solution designed to offer a solution for both cloud and hybrid environments.
According to the company, AppGate Secure Access enables organisations to adopt software defined perimeter approach for granular security control. AppGate Secure Access makes the application/server infrastructure effectively “invisible” and delivers access to authorised resources only, verifying a number of user variables each session before granting access to an application. Once the user logs out, the secure tunnel disappears.
Kurt Mueffelmann, president and CEO of Cryptzone, told IT Security Guru that the company is focused on access why it is difficult to defend. “The context is where and who you are and what device you are on,” he said. “We are specific on what you can see and making software invisible as once you are done in a session, you are terminated from a session. We take access from using a server and limit what you can see and the next phase is a set decision on access control on content and identify what is sensitive and confidential.”
He explained that it is taking a different approach to identity and access management, data loss prevention and network access control by rolling up the three systems into one solution.
“According to a recent survey we conducted, 90 per cent of companies are using aging VPN technology for network access control,” he said. “We must stop pretending that outdated notions of a defensible network perimeter still exist. Organisations have to flip the security paradigm on its head if they truly want to get in front of security threats.
Also, a majority (51 per cent) noted that their access control technology was greater than three years old, and 11 per cent said it was more than ten years old. Mueffelmann said: “The default position should be to make your infrastructure invisible, and then grant access on a case by case basis, only after user identity, posture and context have been validated. Organisations must stop giving out the keys to the kingdom when it comes to privileged user, third party and employee access.”
Jamie Bodley-Scott, global product manager of secure access at Cryptzone, told IT Security Guru that the new solution has a new topology to change the concept of a login process, as logging you in once and allowing you remain logged in is “a ridiculous concept and a bad security model, as in an hour an attacker can exfiltrate GBs of data”.