RSA Conference 2018 is a flurry of lights, sounds and information. It’s easy to get lost in the buzz and miss what you really want to see. In case you fall into this category — or weren’t able to make the trip to San Francisco at all — we streamed an entire presentation from SonicWall malware expert Brook Chelmo live on Facebook.
Information and recommendations on protecting your wireless deployment
On October 16, 2017, Belgian security researchers made public their findings that demonstrated fundamental design flaws in WPA2 that could lead to man-in-the-middle (MITM) attacks on wireless networks.
Named KRACKs, or key reinstallation attacks, this technique can theoretically be used by attackers to steal sensitive information from unsuspecting wireless users leveraging these flaws in the WiFi standard. Based on their research, CERT issued a series of CVEs to address this flaw, and most vendors affected have issued patches as of this writing.
More details on these vulnerabilities are available on the researchers’ website at www.krackattacks.com.
Are SonicWall wireless solutions vulnerable?
SonicWall Capture Labs has evaluated these vulnerabilities and determined that our SonicPoint and SonicWave wireless access points, as well as our TZ and SOHO Wireless firewalls, are not vulnerable. No updates are needed for SonicWall wireless access points or firewalls with integrated wireless.
What can I do to protect my wireless network?
Whether or not you are a SonicWall wireless network security user, we do recommend that you take immediate action to minimize the risk presented by these vulnerabilities. We advise the following:
- Patch all of your WiFi clients, whether Windows, Linux, Android, iOS or Mac OS based, with the latest KRACK updates from your client vendors. The attack is launched by compromising the wireless device, not the wireless router, so that is the most important area to focus on when you go about patching.
- If you are not a SonicWall wireless customer, check with your vendor to determine if you need to patch your wireless access points and/or routers. Ideally, your WiFi solution would be centrally managed allowing you to provide updates and patches in a timely fashion without crippling IT resources. Again, if you are a SonicWall wireless customer no updates to the access points are needed.
- Add an additional layer of security by using VPN technology to encrypt all network traffic between your wireless devices and your firewall. For SonicWall customers, we recommend the following:
- Advise your users to transmit sensitive data only on TLS/SSL-encrypted web pages. Look for the green lock symbol in the address bar along with https in the URL.
- The new SonicWall SonicWave series includes a dedicated third radio for scanning. For SonicWave wireless users, we recommend that you turn on the wireless intrusion detection feature that allows you to block traffic from rogue access points (specifically in this case an evil twin). This will ensure that the third radio is continually scanning for these types of attacks in real-time.
- Be on the lookout for unusual activity inside or outside your facility. In order to launch an attack using these vulnerabilities, an attacker must be physically located within Wi-Fi range of both the access point and the wireless client that is attempting to connect to the network. That means the attacker must be in or near your building, which makes it a bit more difficult to leverage than other Internet-only attacks.
- One other note: there is no need to change Wi-Fi passwords as the KRACKs do not require the Wi-Fi password to be successful.
SonicWall believes that IT must be able to provide secure, high-speed access for the organization across both the wired and the wireless network, especially as Wi-Fi becomes more of a necessity and less of a luxury. However, cyber criminals are racing to leverage wireless to initiate advanced attacks.
SonicWall can help you extend breach prevention to your wireless network. SonicWall’s wireless network security solution provides deep packet inspection for both unencrypted and TLS/SSL-encrypted traffic along with a cloud-based, multi-engine Capture sandbox and a complete lineup of centrally managed SonicWave 802.11ac Wave 2 wireless access points.
To learn more, visit SonicWall Wireless and Mobile Access solutions.
As PEAK16 comes to a close, I would like to recap some of the highlights from the numerous conversations with our world class and loyal VAR community.
From the stage, the close to 744 channel partners in attendance heard about the latest ways to protect customers while ensuring IT is a business enabler, especially in light of the growing pervasiveness of ransomware. I trust that all those who attended are leaving Las Vegas with expanded knowledge, tools and solutions to equip their customers to open their own ‘Department of Yes.’ We have an amazing VAR base who deploy and manage secure networks for 32 percent of the SME market (According to Infonetics Q1 2016).
We highlighted the new SonicWall Capture Advance Threat Protection Service which is fully operational and provides arguably the best Advanced Persistent Threat (APT) and ransomware prevention in the market. This cloud based service, available with SonicWall firewalls, provides advanced threat detection and sandboxing with a multi-engine approach to stopping unknown and zero-day attacks at the gateway and with automated remediation.
New Cloud Security Management Solution to meet growing demand for Security-as-a-Service
In order to help our VARs drive operational efficiency and meet the growing demand for security-as-a-service, SonicWall announced a technology preview of its Cloud Security Management Solution. This Cloud Global Management System (GMS) will enable partners to scale even faster, with streamlined deployment, management and reporting. We are in beta today.
PEAK16—The Buzz in the Halls
Beyond the official keynotes and breakout sessions, the buzz at Peak16 was around the upcoming acquisition of SonicWall by Francisco Partners and Evergreen. Announced earlier this summer, the sale will allow SonicWall to become an even more nimble and strategic network security solution provider. Our new Secure First Partner Program will help partners differentiate their offerings in the marketplace, while ensuring we provide the right partners increased profitability based on the level of value they provide to our customers.
“I started attending SonicWall’s PEAK again since it relaunched in 2014. During this period my company has grown in excess of 30 percent each year with SonicWall network security solutions and as a result just recently outgrew our office space and relocated to our own building two weeks ago. I don’t think this growth is by any accident, as the networking, contacts and content at these PEAK16 Conferences leave me charged up with new ideas and seeking new opportunities to expand our business,” said Steven J. Ryder, president, True North Networks, LLC.
It was great to reconnect in-person with our channel partners at PEAK16. Thanks to our loyal partner network, our solutions are actively providing secure access to more than one million networks, ranging from small businesses to leading retail and education institutions.
Today’s advanced threats are designed to evade detection. An explosion of zero-day threats challenges every one of us. In 2015 alone, our solutions blocked more than 8.19 billion attacks. And most recently, the onslaughts of ransomware attacks have escalated an environment of fear. How do you defend against unknown zero-day threats? How can you turn that fear into greater security confidence? How can you say YES to new IT projects without regret? Many of the answers will be highlighted at SonicWall PEAK16.
This week, I am honored, as keynote speaker, to present the current market challenges and SonicWall’s strategic solutions at the PEAK16 Conference. Attending the conference at the Aria in Las Vegas is a sold-out crowd of more than 700 channel partners focused on network security. The conference will have a heavy focus on SonicWall Capture Advanced Threat Protection (ATP) and Content Filtering Service 4.0. We are also providing a tech preview of our Cloud Global Management System (GMS).
These are just a few of the solutions we will cover that will help turn fear and hesitation into confidence and progress. The PEAK16 Conference doesn’t stop there. We’ll spend two and half days covering more than 30 breakout sessions and providing both technical as well as business focused content to better enable our partners to better protect their customers. Our customers are already benefiting from SonicWall Capture.
“We did some evaluations of other sandbox solutions, but SonicWall Capture was the easiest to implement and most cost effective to license and manage. Because it’s offered as an upgrade to our firewall and only requires a firmware update, testing and eventual deployment into a production environment was really easy. We are looking at utilizing this at our other sites as we focus on multiple, layered approaches to security,” stated Zachary A. Radke of Santa Fe Senior Living.
Congratulations to all our partners who are making an investment in time and travel. We are proud to work with you to deliver world-class security. Let’s turn fear and doubt into confidence. Let’s find all the different ways we need to say YES!
I like cars. All kinds of cars. From high speed racers, to utility pickups and even classics like the 1961 Corvette I’m looking to restore in my spare time. Partner programs are a lot like cars. Some are basic and get you from point A to point B. Others are high performance vehicles designed to thrill. As we announce the new SonicWall Secure First partner program and Reward for Value incentives at our PEAK16 conference this week in Las Vegas, we’ll unveil a program that I’d like to believe has a lot of horsepower, gives its drivers great controls, and is a dependable ride.
At the heart of the new program are our partnering engines designed to help our partners deliver the best security possible to protect their customers while creating more value for their business. We’ve tuned up all the partnering engines Incentives, Enablement, Support and Services.
For the incentive engine, “Reward for Value” recognizes and rewards partners for the full value they contribute to selling and supporting SonicWall solutions across the entire customer lifecycle. Whether it’s hunting a new sales opportunity, delivering a proof of concept, attaching incremental security services subscriptions to a sale or demonstrating vertical market expertise, Reward for Value delivers balanced up-front discounts and back-end rewards.
We’re also revving up new partner sales and SE trainings and accreditation tracks all built on a new partner enablement platform that delivers rich media training content and sales tools designed around the customer lifecycle. The new accreditations will provide valuable general knowledge on the threat landscape and cyber security, as well as on the latest SonicWall solutions like SonicWall Capture our new advanced threat protection offering.
Additionally, the Authorized Support Partner program is being announced to help partners builds out profitable support and services practices with their SonicWall solutions. Rich with support and services enablement that will ensure together we deliver customer success, this new program will recognize and reward Partners for owning their customers through deployment, support, optimization and upgrades. We’re also highlighting the momentum we’re building with our Security-as-a-Service and how partners can deliver managed security services on the SonicWall platform.
With close to 750 Partners attending from across the Americas, this is our largest and most successful partner event in the history of SonicWall. In fact, I’ve talked to Partners here who have attended every Peak we’ve hosted over 14 years! Talk about a loyal and dedicated Partner base. It’s humbling and an honor to count these companies among our Partners. And speaking of great Partners, I want to thank our platinum sponsors for co-sponsoring this annual event Tech Data, D&H Distributing, Securematics, SYNNEX and Ingram Micro. Without them none of this would have happened.
Our Americas business is running on all cylinders, the partnering engines are revving up and we’re thrilled to launch our Secure First partner program and Reward for Value. With the partner feedback and validation we’re receiving at PEAK, we’ve got our eyes focused on the road ahead and together with our Partners are speeding toward even greater success.
“SonicWall has proven to be a winner for us in our security practice. We have had a number of wins against other security products because of the support provided by SonicWall. PEAK16 is in that it enables me to engage with peers and enhance my skills,” says Jeffrey Grant, vice president of Tri-Delta Resources Corp.
“SonicWall understands partner challenges, enabling us to deliver thousands of customer centric solutions over the 25 years,” said Joseph Tassia, president of Nuoz.
I am meeting one-on-one with our partners this week to listen and help them further with their security mission. Follow @SonicWall on Twitter and SonicWall on Facebook with #YesPeak16 to join in the conversation and get updates. We want to hear from you.
The following is a guest blog post by Michael Schwab, Co-President at D&H Distributing
As a distribution sponsor of Peak 2016, we’re thrilled to enhance our ongoing relationship with SonicWall and meet with the company’s influential base of partners. At this year’s event at the Aria in Las Vegas, Nevada, Aug. 28-31, we will continue our dialog with SonicWall solution providers on the value we can deliver as a distribution partner. D&H is proud to offer exclusive programs, including our new Pre-Sales Support program, dedicated Cloud Specialists, Partner Services marketing materials, the Incentives Rewards loyalty program, and educational opportunities through both trade events and our state-of-the-art Solutions Lab training platform. These services help partners acquire product knowledge, increase purchasing power and gain incremental revenues, including through solutions like the SonicWall security products.
We endorse a consultative approach with our channel resellers, investing time, effort, and a dedicated account person toward helping each customer grow his or her skills set and core competencies. D&H positions its customers to succeed, helping them to leverage lucrative opportunities ranging from business continuity, to upgrade and total technology refresh projects, to ushering-in the new modern workplace with hosted services and seamless mobile technologies.
Our growing relationship with SonicWall is important to us, being part of our focus on the SMB marketplace. This is why series such as the industry-leading SonicWALL TZ Unified Threat Management (UTM) firewalls, the SonicWall NSA next-gen firewalls and the SonicPoint wireless access points are ideal offerings for our mutual customer community.
Partners can speak to a D&H SonicWall Specialist, part of our world-class Solutions Specialist Team, and other D&H personnel at booth #105, to find out how to benefit from our personalized service model. Attendees can enter to win a $500 American Express gift card giveaway, to be announced Tuesday, August 30 at 5:30 p.m. during the show. Visit www.dandh.com/peak to find out how to take advantage of the comprehensive business support services that D&H provides. New customers are eligible for a $100 American Express gift card after their first $1,000 purchase.
Be sure to mention us when you participate in social media with #YesPEAK16, @dandh, @SonicWALL. And join in the fun by posting about your SonicWall installation in the event’s social media sweepstakes, using #YesPeak16 and/or #Peak16Selfie. SonicWall partners can follow D&H on Twitter, visit us online at dandh.com, or contact their SonicWall Solution Specialist at SonicWALLSpecialist@dandh.com.
Thanks. We look forward to working with you to realize new opportunities in 2016.
Michael Schwab began his D&H career in 1989 as an outside sales rep. in the Philadelphia area. In 1991, Michael joined the corporate group in the Harrisburg headquarters as director of merchandising. Over the years, he has overseen D&H’s staff of product managers, which has grown from a department of two to the current group of 50+. In 1999, he was promoted to vice president of purchasing where Michael played an integral role in establishing relationships with major D&H partners including Lenovo and Cisco Systems. Michael assumed the role of co-president, along with his brother Dan Schwab, in May 2008. In their inaugural year as co-presidents, Michael and Dan Schwab were ranked in Everything Channel’s list of the Top Executives in 2008, and have been named to its Top Executive lists every year since, including the #1 spot on the 2011 “SMB Superstars” list.
Michael has been instrumental in leading D&H toward various industry and regional distinctions and awards, including the Central Penn Business Journal’s Business of the Year award 2011, and 2012; that magazine’s #1 Privately-Held Business from 2011 to 2014; The ESOP (Employee Stock Option Program) Association’s AACE Award for best communications program by an employee-owned company; and a host of vendor partner awards.
Michael earned his Bachelor of Science in Economics at the University of Pennsylvania in 1985 and completed a law degree in 1988 at Villanova. Prior to D&H, he worked for the leading accounting and consulting firm Arthur Andersen.
It’s summertime, so that means Black Friday is only four months away. Some retailers like to get a head start on the event and offer special Black Friday deals during July as a means to generate some additional sales over the summer. There are also “Christmas in July” promotions. Most of us, however, will wait to make our purchases until the traditional start of the holiday shopping season in November.
Whether it’s over the summer or later in the year, events such as Black Friday, Small Business Saturday and Cyber Monday offer consumers an opportunity to shop for a great deal. Increasingly the researching and purchasing of items during the holiday season is done online. According to the National Retail Federation (NRF) both holiday retail sales and non-store sales increased again last year. Results from a 2015 NRF survey also found that 46 percent of holiday shopping (browsing and buying) would be done online. This was an increase over 2014 and a trend that is likely to continue in 2016.
People enjoy shopping online for many reasons: it’s convenient, there are no crowds, you can often get better deals, and it’s easier to compare items. No wonder it’s become a popular activity, both at home and at the office. And for many employers, that’s the problem. Online shopping at work negatively impacts productivity. It’s like taking an extended lunch break on your computer. It also introduces security risks to the company’s network. Who knows whether the sites employees visit to make purchases are legitimate and aren’t sources for malware distribution.
Shopping isn’t the only online activity that affects organizations. In 2016 there are a slew of sporting events drawing worldwide interest: March Madness and the Ryder Cup in the US, Euro 2016 in France, the Summer Olympics in Brazil to name a few. Like they do with online shopping, employees will be spending time at work focused on something other than their jobs. For example, streaming live events at the office is very popular, albeit somewhat risky. Read Wilson Lee’s blog “Zika is not the only virus you can get by watching the Olympics” for details on the threat streaming the Olympics can pose to your network.
In addition to productivity and security concerns, streaming video opens up a third issue for employers which is the consumption of network bandwidth for a non-essential activity. In fact, during the last Summer Olympics in 2012, Los Angeles City Hall employees were asked to stop watching the games online at work due to the high volume of network traffic it was generating.
Whether or not online shopping and watching streamed sporting events during work are approved by management, most employees will be engaged in these activities at some point. Knowing this, what steps can organizations take to maintain productivity, protect the network from attack and conserve bandwidth? Here are a few:
- Set limits – Tools such as web filtering and application control provide the ability to restrict access to online shopping sites and streaming video by time of day. Employers have the option to allow these activities during lunch or after hours while blocking them during the rest of the work day.
- Manage that bandwidth – Another option is to restrict the amount of bandwidth allocated to streaming video. Less bandwidth for non-essential activities means more for those that are critical to the success of your business.
- Inspect encrypted web traffic – The use of secure sockets layer (SSL) and transport layer security (TLS) to secure internet traffic continues to rise. To protect your network from attacks hidden in encrypted web traffic, make sure your firewall can decrypt and scan encrypted traffic for threats.
If you’d like to learn more about how to protect your network and preserve productivity and bandwidth during the holiday online shopping season and other events watch this free webcast. You can also find information on how SonicWall next-generation firewalls can help on our website.
One of the most frightening IT nightmares is hearing employees say their mobile devices or laptops were lost or stolen. Cyber-attacks and mobile threats are at the highest they ever been and will continue soar. Customers large and small face cyber espionage. Today, at SonicWall Security PEAK16 – “Come for Knowledge. Leave with Power” – at the Hotel Excelsior in Malta; we are announcing the SonicWall Secure Mobile Access (SMA) 100 Series OS 8.5. This product’s new features and enhancements offer comprehensive security; it allows IT administrators to quickly and easily deliver secure mobile access and roles based privileges. Remote workers using managed or unmanaged devices will have secure, fast and easy access. I am honored to share this news at our highly anticipated, annual conference for European security value-added resellers (VARs). For the next two days, we are meeting for insightful one-on-one dialogue with top VARs business and technical executives.
The VARS are at the core of our ecosystem. They deliver the expertise to chief security officers (CISOs) with speed and agility, without compromising company security. This is at the heart of our worldwide campaign, the “Department of Yes.” When you partner with SonicWall Security, you have the power and support of the world’s leading security provider for your customers — while opening up limitless opportunities for your business.
“We at CETSAT have been working with the SonicWall family of products for over 15 years. SonicWall has always been able to maintain a commanding relevance to business and today is no different. With IT security increasingly on the mind of every business owner, director and staff responsible for technology, the SonicWall Security portfolio of products leads the way in helping companies of all sizes to reduce risk from cyber threats and prevent disruption to business. CETSAT look forward to a continuing and beneficial relationship with this great world brand.”
— Durgan Cooper, president of CETSAT
Peak16 attendees and press will be introduced to SonicWall Secure Mobile Access OS 8.5’s capacity to allow small to medium sized businesses to ensure workers can be securely productive anywhere and on any device. Becoming part of the “Department of Yes” gives IT administrators the flexibility to enable BYOD while protecting business assets and the organization from today’s shape-shifting threats. The SMA 100 Series is compatible with devices across Windows, iOS, Mac OS X, Android, Linux, Kindle Firewall and Chrome. We provide mobile users secure access to network resources including shared folders, client-server applications, intranet sites, email and remote and virtual desktop services. Our proven and award-winning solutions enable IT to configure polices for context-aware authentication, granting access only to trust devices and authorized users. Some of the innovative enhancements of this release include:
- Policy wizards – Easy wizards to deploy policies for OWA, ActiveSync, Outlook Anywhere and Auto-discover.
- HTML5 Enhancements – Delivers end users with a rich access experience within their choice of web browser, eliminating their need to download, install and maintain additional software on their systems.
- Virtual Host Multicore Support – Increases resource capacity of host resources that can be accessed by SMA giving greater reliability and performance at higher concurrencies for connected users.
Also, noteworthy recent enhancements to SonicWall SMA 100 series include:
- Web Application Firewall (WAF) Enhancements ‒ Securing internal web applications from remote users, SonicWall’s award-winning WAF engine has been enhanced to detect against additional exploits and threats. This ensures that the confidentiality of data and internal web services remain uncompromised if a malicious or rogue authenticated user should gain access.
- Geo IP Detection and Botnet Protection ‒ Grants customers with a mechanism to allow or restrict user access from various geographical locations.
- End Point Control (EPC) Enhancements ‒ Enhancements to the SMA EPC engine provide greater assurance that the endpoint accessing the network is trusted and not malicious.
SonicWall Security EMEA PEAK16 also offers a wealth of state-of-the-art keynotes by our executives (including yours truly), as well as technical and business breakouts that open up the world of the Department of Yes. These jam-packed sessions address our end-to-end security, including our identity-aware firewalls and more:
- State of the market: SonicWall Next-Gen Firewall
- Become a total security provider, branch out with SonicWall’s Connected Security!
- The new EU Global Data Protection Regulation
- How to win every access deal with the highly extensible Secure Mobile Access Platform
- Network Security As A Service: monthly subscription model for service providers
- SonicWall Global Management Systems (GMS) and reporting tools
- SonicWall Email Security for the Cloud office
We are delighted that our security channel partners are joining us for SonicWall Security PEAK16 in Malta. I encourage you to engage live with us by following the ongoing discussion on Twitter, LinkedIn and Facebook at @SonicWall with the conference hashtags #EMEAPEAK16, and post your comments below.
One of my first customers in IT was a large retailer, with more than a thousand stores. This was at a time when e-commerce was just beginning, at least for large, traditional retailers. Giving their customers the ability to purchase on the web was still a year or two away.
This retailer made about 90 percent of its annual revenue between Thanksgiving and New Year’s Day. That was “Season”, and the entire year’s IT schedule was built around getting ready for Season. Any and all hardware upgrades, OS changes, and software updates were to be completed and locked in by mid October. Change control during Season was very simple: No changes unless something broken absolutely had to be fixed, you were able to make a 100% solid case for the change, and not doing the change would impact revenue. Otherwise, hold off until January.
Retail’s a lot more complex these days, and brick-and-mortar is only one of the revenue-generating retail channels. Still, Season remains Season. And it all begins with Black Friday. Estimates of 2015’s revenue for the first two days of Season, including Black Friday, top $4 billion in the U.S., with about a third of that coming from online sales. More than 150 million shoppers purchased online during the 2015 Thanksgiving holiday weekend.
Clearly, this is not a time to have security issues with your infrastructure, and especially so with your payment systems, whether online or POS systems in your stores.
The relevant compliance standard is PCI DSS (Payment Card Industry Data Security Standard). Version 3.1 takes effect on June 30, and includes a number of changes from the previous version (3.0). These include, with some exceptions, removal of SSL and early versions (1.0 and 1.1) of TLS, along with some additional clarifications of existing requirements, a number of which are common sense clarifications (For example, don’t send unencrypted account numbers in a text message. You think?).
Complying with PCI DSS is a good way to reduce your business’s risk of cyber attack, but it’s really only a waypoint toward better security, not an end in and of itself. That’s a point SonicWall Security’s Tim Brown, our CTO and a SonicWall Fellow, makes in an on-demand webcast highlighting the changes to PCI DSS in version 3.1, so that you can be best prepared for Black Friday. We offer SonicWall network security solutions to help you stay PCI compliant, and improve security well beyond the PCI basics. And staying in line with 3.1 will put you in better shape to have a more secure, successful Black Friday, Cyber Monday, and holiday Season. It will also prepare you for PCI DSS 3.2, which includes additional clarifications and new requirements, particularly around multifactor authentication for anyone having access to cardholder data. While 3.2 succeeds 3.1 as a standard for assessments as of this October, its new requirements will not be mandated until February 2018 until then, they’ll just be considered best practices.
Learn more about the changes in PCI DSS 3.1, and how they can help your business prepare for Black Friday. View Focusing on security to meet compliance: responding to changes in PCI DSS 3.1.
In medieval times, people relied heavily on physical security to protect their critical assets. Originally they had castles with walls and as attackers figured out how to breach those walls they added moats and draw bridges and murder holes to keep the advanced attackers out. But all of these hardened physical security measures designed to keep people out had the unfortunate side effect of making it difficult for people to get in, which in turn interfered with business and commerce. Needless to say, this type of security did not survive.
Cyber security has evolved in a similar fashion. Fifteen years ago, stateful packet inspection (SPI) firewalls were considered to be best-in-class protection against external threats. These firewalls were typically configured to block peoples’ access to internal resources. A user often had to submit a ticket to gain access to a server. Some types of communications required that specific rules were written to be allowed. This is the “castle wall” approach that many CISOs learned when they were being introduced to network security. But this approach to security is also outdated.
Organizations have to attract people rather than keep people out. Retail businesses post signs saying, “These doors must remain unlocked during business hours.” Security must take a similar approach, to become more dynamic: The question now is how do you keep an eye on who is coming in and out to provide necessary protection?
Unlike brick-and-mortar stores, where you keep doors open, electronic online presence never closes. Today, ecommerce is being done electronically 24 x7. Not only do you need to keep your electronic communication presence open, but also highly available and redundant. The question becomes: How do you keep an eye on what is constantly coming in and out of the network?
Two parallel goals in security are to keep the malicious traffic out while also keeping employees productive. If employees want to boost their productivity but IT is slow moving, they invent ways to work around the rules to enable the productivity measures they need to do their jobs more efficiently.
Fortunately, that paradigm is now shifting. Security is no longer about blocking or allowing necessary access. It is about enabling secure access on a permanent basis to enable the business. The perimeter is not only about blocking traffic, but also about easily enabling appropriate access for users. What should be allowed? Whatever enhances the environment and makes it better. For network security to detect malicious behavior, SonicWall next-generation firewalls analyze all of the network traffic, identify and eliminate what is bad, and let the good flow in and out freely.
In a similar way, application control becomes important as more people rely on their own applications. With the deluge of mobility, everyone is BYOD, bringing their own cloud (BYOC) and bringing their own applications. CISOs need to know what applications are running on their networks and analyze those applications.
And, with identity and access management, we need to make sure this is the right person, right level of privilege and the right level of access to critical company data. Also, for CISOs to effectively manage identities, it is important to have self-governance and self-provisioning to create, modify and revoke and renew identities without always having to call an information security administrator.
The Department of Yes is about empowering business initiatives while retaining security by governing every identity and inspecting every packet. It enables security professionals to allow remote workers to be more mobile, to go to the cloud, and to go back to the corporate network – securely and productively.
Visit SonicWall Security and open your own Department of Yes.