Upload
wilberreid
View
5
Download
0
Embed Size (px)
DESCRIPTION
Block Armour's Zero Trust Solution for WFH. Supported by the Data Security Council of India and the Ministry of Electronics and Information Technology.
Citation preview
National Centre of Excellencefor Cybersecurity Technology
Development & Entrepreneurship
A JOINT INITIATIVE BY
National CoE Content Series Product DissectionDoc ID: NCoE:0005
Indian Start-ups
SECURITY USE CASES& SOLUTIONS FOR WORK FROM HOME
Compilation of capabilities of Indian start-ups for securing WFH environment
Index
01
02
05
06
07
08
09
10
Introduction
Product Overview
Block Armour
About Us
Wi-Jungle
Data Resolve
Cloud Codes
lnstaSafe
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
Introduction Amid the fear of contagion, working from home has become the new normal for many professionals.
Fortunately, in this increasingly connected world, professional commitments can be managed virtually.
However, with huge rise in the number of employees working remotely, it is of vital importance that we also take care of our cyber hygiene and be productive simultaneously.
As organization grapple and brace this new normalcy, following are some of the Indian security product organisations that can assist you in this journey.
| 1
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
Product Overview
| 2
Blockchain enabled Digital Identity
Encrypted Channel
Agent based Access Deployment
SDP based Distributed Architecture
User & Device Authentication
Invisible Access Gateway
Data Leak Prevention through RDP Policy Device Authorization
Zero Trust Network Access (ZTNA)
Multi-factor Authentication
Geo-fencing of Devices
Indentity Aware Granular Access Control
Accessing SAS Apps Remotely
Secure Operation in Multi-cloud Environment
Geobinding of Devices
FilesApplication ServerDatabase
HOME OFFICE
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
| 3
Forensics Investigation
Employee Productivity Monitoring
Permissions for Mobile Employees
Compliance Monitoring
Data Leak Prevention
Employee Monitoring: App, activities, media, browsing
Single Sign-on
Cloud Workload Assessment
Shadow IT Controls
Compliance Check
Cloud DLP and Email DLP
Access: IP, Browser, Location, Device & Time Restriction
Granular Access Control to network resources
Network Data Leak Prevention
BYOD: Location aware, Mac binding, White/Black Listing
VPN: SSL & IPSec, Hub & Spoke, Multi-layer Auth, Split Tunneling
Malware Protection, Cloud Sandboxing & Zeroday protection
| 4
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
Business Requirements
Security Use Cases
Fast & RemoteDeployment
MinimalChanges
Scalability &Reliability
Ease ofManagement
Data Leakage
Spread of Malware /Ransomware
VPN: Lack of GranularAccess Control
Unauthorized Executionof Sensitive Activities
Control Loosening forMachines for EnablingWork From Home
Non-compliance
Suspicious Behaviour
Inability to EnforcePosture Check
License Cost of VPN & VDI
Insecure Browsing &Application Activities
VPN Latency &ConfigurationComplexity
External Media Use
Increased AttackSurface
VPN: Provides Full Access to Intranet
Unauthorized Access toCorporate Applications
VPN: Inability to addRemote User to AD orpush group policies
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
Identity Management Solution leveraging Blockchain for Digital ID’s and Zero Trust Architecture.
| 5
Secure Shield
Deployment
Provides secure RDP access to User Desktops within the Corporate LAN from authenticated and authorized remote users and computers.
Harnesses Software Defined Perimeter (SOP) architecture enhanced with Blockchain Technology to deliver a Zero Trust security model called Blockchain Defined Perimeter (BOP).
Secure Shield Architecture ring fences servers and assets of an organization, rendering them invisible and impenetrable for hackers.
Any suspicious activity by insiders or permitted devices will be immutably logged and stored in the blockchain-based solution's records.
Using a Blockchain-Defined Perimeter, Block Armour renders an enterprise's most critical servers and resources invisible to external hackers.
Creates digital IDs on the blockchain.
Leverages multi-factor authentication by assigning digital IDs not only to users but also to each device registered on the network.
Data Leakage prevented through RDP Policy.
Easy to implement and manage with minimal changes in the Enterprise Environment.
Secure Shield can be deployed in agent or agentless mode. Agentless mode consists of a Secure Shield gateway through which access is provisioned and enforced.
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
Zero Trust Network Access Solutions for secure remote access.
| 6
InstaSafe Secure Access
Deployment
Cloud-based Security-as-a-Service solution to protect mobile and remote workers enabling them to safely and securely access enterprise apps, email and web from anywhere on any network.
lnstaSafe Secure Access is a cloud delivered cybersecurity service, that protects high risk applications, against existing and emerging threat vectors.
Protects against cyber attacks like credential theft, server exploitation, man in the middle attacks by only allowing access from authorized users and approved devices.
Based on the principle of Software Defined Perimeters (SOP) or 'Black Cloud' where the user and the device is verified before enforcing the application access.
It is delivered as Saas solution.
The module of lnstasafe called Gateway is installed.The gateway acts as the bridge between the applications and the users.It is placed anywhere inside the network with only a private IP address and is not exposed to the internet.It creates a tunnel to the lnstasafe controller.Routes all user traffic destined to the applications protected by this gateway through that tunnel.
a.b.c.
d.e.
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
Unifies User behaviour analytics and mobile workforce management solution.
| 7
inDefend
Deployment
Insider Threat Management: User behavior analysis by monitoring activities and communication habits.
Real-time Alerts: Incident alerts for any data exfiltration activity.
Enforced Encryption: Multiple endpoints security with implemented encryption on external storage devices to restrict the use of sensitive information or files.
Optical Character Recognition (OCR): Extracts text from images and processes them further to detect the presence of sensitive content like keywords, regular expressions, or file types with OCR.
Data Leakage Prevention: Monitors, alerts, and/or blocks capabilities for Emails, File Uploads, Attachments by its Secure Email Gateway approach wherein it provides a protection layer on the content going via corporate email to any third party.
MobSec Uses Cyber Intelligence to analyze the information flowing within and outside the company.
Mobile Device Management: Custom and thorough monitoring over enterprise mobility.
Mobile Application Management: Enables blacklisting and whitelisting of application by the administrators.
Content Management: Keeps all the data secure in a different container and access to business-critical data through secure apps.
Employee Productivity Monitoring: Monitors device usage logs to examine employee productivity.
inDefend server can be hosted on cloud, on premise or on any cloud-based server provided by the customer.
MobSec can be deployed on cloud or on premise.
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
Cloud Access Security Broker Solution
} 8
Cloud Access Security Broker (CASB)Provides access control that stops unauthorized end users from accessing confidential files and data on any internet browser, only one browser may be used to ensure policies management.
Access Control using IP Restriction, Browser Restriction, Device Restriction, Geo Fencing, Time Restriction.
The program manages Google Chrome using Google admin chrome management console and pushes applications and extensions through it. Organizational unit-based granular control policies are also easily rolled out.
SSO: Mobile compatible single Sign-On allows one-click access to all cloud applications using a single ID and password.
DLP: Enables the IT admin of the organization to set up policies through the CloudCodes CASB dashboard to monitor, track and prevent business data.
Identity Management: Controls the access to resources within the enterprise system by incorporating user policies and restrictions with the verified identity.
CASB helps in Data loss prevention, Threat protection, Access control, Regularreporting, Device monitoring.
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
AI & ML based Unified Network Security Gateway, acting as Next Generation Firewall/UTM.
| 9
Unified Threat Management Solution (UTM) Data Leakage PreventionHelps control the transfer of important data on HTTPS/HTTP/FTP/P2P & other file sharing applications. Blocks attachments, chats based on predefined keywords.
Vulnerability AssessmentScans to enumerate possible vulnerabilities on IT assets. Summary presents risk score with mitigation steps.
Bandwidth managementFeature to limit data and speed usage along with the time for easier user management. Allot different speed, data and FUP usage policies to users/guests based on their profile/room type.
High AvailabilityRun the two appliances in active-active and activebackup mode with stateful failover.
Anti-Malware and Ransomware ProtectionScans a packet various ports based on file type. Signatures automatically updated via cloud to increase security.
Intrusion Detection & Prevention SystemHas 25000+ default signatures along with the auto update feature. Admins can also create their custom IPS signatures and Rules.
Anti-SpamInbound and outbound scanning of packets, real time white/black listing of IP & domain and MIME header check.
Access ManagementRobust Authentication, Authorization and Accounting feature to manage several users at a time. Authorise host based on User, MAC and IP policies.
Surfing and Threat LogsStoring user surfing logs helps organizations to handle easy tracking. Inbuilt logs storage facility for 1 year with searchable feature.
National Centre of Excellence for Cybersecurity Technology
Development & Entrepreneurship
About UsDSCI's National Centre of Excellence (National CoE) is a Joint Venture between Data Security of India (DSCI) and the Ministry of Electronics and Information Technology (MeitY) with the objective of providing impetus to the startup ecosystem in India. DSCI has set up a facility, which houses technology research lab, experience zone for demonstration of national cyber capability, experimental SOC, co-creation spaces, training facility for niche capability building, and an incubation center.
Disclaimer: This is a content series for National Centre of Excellence to dissect the emerging security technology products to reveal use-cases, technology stack and deployment strategies. This effort is to create awareness and understanding of technology and not to promote any particular product or company.
#user _behaviour _analytics #work_from_home #encryption #ocr #dip #monitoring #rdp #zero_trust_security #authentication #casb #single_sign_on #identity_and_access_management
@nationalcoe @CoeNational company/nationalcoe
www.dsci.in/content/national-centre-excellence-cyber-security-technology-development
National Centre of Excellencefor Cybersecurity Technology
Development & Entrepreneurship
A JOINT INITIATIVE BY
| 10
For more information please visit our official websites:www.blockarmour.com & www.gozerotrust.com