120 likes | 127 Views
Block Armour's Zero Trust Solution for WFH. Supported by the Data Security Council of India and the Ministry of Electronics and Information Technology.
E N D
SECURITY USE CASES & SOLUTIONS FOR WORK FROM HOME Indian Start-ups Compilation of capabilities of Indian start-ups for securing WFH environment National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship A JOINT INITIATIVE BY National CoE Content Series Product Dissection Doc ID: NCoE:0005
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Index 01 Introduction 02 Product Overview 05 Block Armour 06 lnstaSafe 07 Data Resolve 08 Cloud Codes 09 Wi-Jungle 10 About Us
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Introduction Amid the fear of contagion, working from home has become the new normal for many professionals. Fortunately, in this increasingly connected world, professional commitments can be managed virtually. However, with huge rise in the number of employees working remotely, it is of vital importance that we also take care of our cyber hygiene and be productive simultaneously. As organization grapple and brace this new normalcy, following are some of the Indian security product organisations that can assist you in this journey. | 1
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Product Overview HOME OFFICE Application Database Files Server Accessing SAS Apps Remotely Blockchain enabled Digital Identity Geobinding of Devices Data Leak Prevention through RDP Policy Device Authorization Agent based Access Deployment Zero Trust Network Access (ZTNA) Encrypted Channel Multi-factor Authentication Invisible Access Gateway Geo-fencing of Devices Indentity Aware Granular Access Control User & Device Authentication Secure Operation in Multi-cloud Environment SDP based Distributed Architecture | 2
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Data Leak Prevention Cloud DLP and Email DLP Employee Monitoring: App, activities, media, browsing Shadow IT Controls Cloud Workload Assessment Employee Productivity Monitoring Compliance Check Compliance Monitoring Single Sign-on Forensics Investigation Access: IP, Browser, Location, Device & Time Restriction Permissions for Mobile Employees VPN: SSL & IPSec, Hub & Spoke, Multi-layer Auth, Split Tunneling BYOD: Location aware, Mac binding, White/Black Listing Network Data Leak Prevention Malware Protection, Cloud Sandboxing & Zeroday protection Granular Access Control to network resources | 3
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Business Requirements Scalability & Reliability Fast & Remote Deployment Ease of Management Minimal Changes Security Use Cases Data Leakage Suspicious Behaviour External Media Use Spread of Malware / Ransomware Inability to Enforce Posture Check Increased Attack Surface VPN: Lack of Granular Access Control License Cost of VPN & VDI VPN: Provides Full Access to Intranet Unauthorized Execution of Sensitive Activities Insecure Browsing & Application Activities Unauthorized Access to Corporate Applications Control Loosening for Machines for Enabling Work From Home VPN Latency & Configuration Complexity VPN: Inability to add Remote User to AD or push group policies Non-compliance | 4
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Identity Management Solution leveraging Blockchain for Digital ID’s and Zero Trust Architecture. Secure Shield Provides secure RDP access to User Desktops within the Corporate LAN from authenticated and authorized remote users and computers. Harnesses Software Defined Perimeter (SOP) architecture enhanced with Blockchain Technology to deliver a Zero Trust security model called Blockchain Defined Perimeter (BOP). Secure Shield Architecture ring fences servers and assets of an organization, rendering them invisible and impenetrable for hackers. Any suspicious activity by insiders or permitted devices will be immutably logged and stored in the blockchain-based solution's records. Using a Blockchain-Defined Perimeter, Block Armour renders an enterprise's most critical servers and resources invisible to external hackers. Creates digital IDs on the blockchain. Leverages multi-factor authentication by assigning digital IDs not only to users but also to each device registered on the network. Data Leakage prevented through RDP Policy. Easy to implement and manage with minimal changes in the Enterprise Environment. Deployment Secure Shield can be deployed in agent or agentless mode. Agentless mode consists of a Secure Shield gateway through which access is provisioned and enforced. | 5
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Zero Trust Network Access Solutions for secure remote access. InstaSafe Secure Access Cloud-based Security-as-a-Service solution to protect mobile and remote workers enabling them to safely and securely access enterprise apps, email and web from anywhere on any network. lnstaSafe Secure Access is a cloud delivered cybersecurity service, that protects high risk applications, against existing and emerging threat vectors. Protects against cyber attacks like credential theft, server exploitation, man in the middle attacks by only allowing access from authorized users and approved devices. Based on the principle of Software Defined Perimeters (SOP) or 'Black Cloud' where the user and the device is verified before enforcing the application access. The module of lnstasafe called Gateway is installed. The gateway acts as the bridge between the applications and the users. It is placed anywhere inside the network with only a private IP address and is not exposed to the internet. It creates a tunnel to the lnstasafe controller. Routes all user traffic destined to the applications protected by this gateway through that tunnel. a. b. c. d. e. Deployment It is delivered as Saas solution. | 6
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Unifies User behaviour analytics and mobile workforce management solution. inDefend Insider Threat Management: User behavior analysis by monitoring activities and communication habits. Real-time Alerts: Incident alerts for any data exfiltration activity. Enforced Encryption: Multiple endpoints security with implemented encryption on external storage devices to restrict the use of sensitive information or files. Optical Character Recognition (OCR): Extracts text from images and processes them further to detect the presence of sensitive content like keywords, regular expressions, or file types with OCR. Data Leakage Prevention: Monitors, alerts, and/or blocks capabilities for Emails, File Uploads, Attachments by its Secure Email Gateway approach wherein it provides a protection layer on the content going via corporate email to any third party. MobSec Uses Cyber Intelligence to analyze the information flowing within and outside the company. Mobile Device Management: Custom and thorough monitoring over enterprise mobility. Mobile Application Management: Enables blacklisting and whitelisting of application by the administrators. Content Management: Keeps all the data secure in a different container and access to business-critical data through secure apps. Employee Productivity Monitoring: Monitors device usage logs to examine employee productivity. Deployment inDefend server can be hosted on cloud, on premise or on any cloud-based server provided by the customer. MobSec can be deployed on cloud or on premise. | 7
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship Cloud Access Security Broker Solution Cloud Access Security Broker (CASB) Provides access control that stops unauthorized end users from accessing confidential files and data on any internet browser, only one browser may be used to ensure policies management. Access Control using IP Restriction, Browser Restriction, Device Restriction, Geo Fencing, Time Restriction. The program manages Google Chrome using Google admin chrome management console and pushes applications and extensions through it. Organizational unit-based granular control policies are also easily rolled out. SSO: Mobile compatible single Sign-On allows one-click access to all cloud applications using a single ID and password. DLP: Enables the IT admin of the organization to set up policies through the CloudCodes CASB dashboard to monitor, track and prevent business data. Identity Management: Controls the access to resources within the enterprise system by incorporating user policies and restrictions with the verified identity. CASB helps in Data loss prevention, Threat protection, Access control, Regular reporting, Device monitoring. } 8
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship AI & ML based Unified Network Security Gateway, acting as Next Generation Firewall/UTM. Unified Threat Management Solution (UTM) Data Leakage Prevention Helps control the transfer of important data on HTTPS/HTTP/FTP/P2P & other file sharing applications. Blocks attachments, chats based on predefined keywords. Vulnerability Assessment Scans to enumerate possible vulnerabilities on IT assets. Summary presents risk score with mitigation steps. Bandwidth management Feature to limit data and speed usage along with the time for easier user management. Allot different speed, data and FUP usage policies to users/guests based on their profile/room type. High Availability Run the two appliances in active-active and activebackup mode with stateful failover. Anti-Malware and Ransomware Protection Scans a packet various ports based on file type. Signatures automatically updated via cloud to increase security. Intrusion Detection & Prevention System Has 25000+ default signatures along with the auto update feature. Admins can also create their custom IPS signatures and Rules. Anti-Spam Inbound and outbound scanning of packets, real time white/black listing of IP & domain and MIME header check. Access Management Robust Authentication, Authorization and Accounting feature to manage several users at a time. Authorise host based on User, MAC and IP policies. Surfing and Threat Logs Storing user surfing logs helps organizations to handle easy tracking. Inbuilt logs storage facility for 1 year with searchable feature. | 9
National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship About Us DSCI's National Centre of Excellence (National CoE) is a Joint Venture between Data Security of India (DSCI) and the Ministry of Electronics and Information Technology (MeitY) with the objective of providing impetus to the startup ecosystem in India. DSCI has set up a facility, which houses technology research lab, experience zone for demonstration of national cyber capability, experimental SOC, co-creation spaces, training facility for niche capability building, and an incubation center. National Centre of Excellence for Cybersecurity Technology Development & Entrepreneurship A JOINT INITIATIVE BY Disclaimer: This is a content series for National Centre of Excellence to dissect the emerging security technology products to reveal use-cases, technology stack and deployment strategies. This effort is to create awareness and understanding of technology and not to promote any particular product or company. #user _behaviour _analytics #work_from_home #encryption #ocr #dip #monitoring #rdp #zero_trust_security #authentication #casb #single_sign_on #identity_and_access_management @CoeNational company/nationalcoe @nationalcoe www.dsci.in/content/national-centre-excellence-cyber-security-technology-development ncoe@dsci.in For more information please visit our official websites: www.blockarmour.com & www.gozerotrust.com | 10