Security made simple.

UNIFIED ENDPOINT FIREWALLSECURITY

© 2020 ditno. 1 | Unified Endpoint Firewall Security

TABLE OF CONTENTSUnderstanding IT security weaknesses

IntroductionDefending the perimeter is no longer an effectivestrategyPathways to your critical dataFalse sense of securityHybrid environments

Delivering and managing IT security weaknessesRisk reduction without compromising costSimplification and streamlining resistance to changeReal time IT security governance

How can ditno make security simpleCentralised managementDiscovery and visibilityMinimise threat impactActive governanceCost effectiveness

2222334

5567

888888

We are living in a time of continual change, organisations are increasingly reliant on their IT teams andpartners to enable digital transformation in order to successfully compete and in some cases to retainrelevance. As part of this transformation, it is common to review the infrastructure that underpins an organisation’sservices. Public cloud is now an attractive option providing access to services that offers agility, scaleand typically lower costs when compared to on-premises alternatives. A number of business driverspreclude many organisations from shifting completely to the cloud with the majority moving to a hybridmodel enabling workload specific placement decisions to be made.

Organisations have been managing their owndata centres for years, these have typically grownorganically as business needs shifted. Until now,this has satisfied the organisation's risks appetitebut cyberattacks are changing, insider threatscontinue to increase and remain one of thelargest unsolved issues in cybersecurity. Zero Trust is now a popular security strategy,organisations should not automatically trustanything inside or outside perimeter. A network is only as strong as the weakest linkand a single data breach may have devastatingconsequences to an organisation.

Zero Trust is now a popularsecurity strategy,organisations should notautomatically trust anythinginside or outside perimeter.

© 2020 ditno. 2 | Unified Endpoint Firewall Security

UNDERSTANDING IT SECURITY WEAKNESSESIntroduction

Defending the perimeter is nolonger an effective strategy

IT services and data are extremely valuable to anorganisation and its customers. Therefore, it isnecessary to understand all pathways to your 'crownjewels' - Are they open to everyone? Can threatactors move 'sideways' throughout the network?What is a normal trend for a service? Recently, many data breaches have occurred due to'open' networks, an adversarial threat targets avulnerable outer edge networked device then easily'moves' throughout the network to compromisecritical systems. Compliance reviews and audits should no longer bemanual or scheduled activities, IT operations teamsneed to be actively monitoring to ensure each ITservice is within the appropriate risk tolerance. Ifcontrols are misconfigured and therefore expose anorganisation, a threat adversary will not wait for thenext governance review and remediation activities toattack.

© 2020 ditno. 3 | Unified Endpoint Firewall Security

PATHWAYS TO YOUR CRITICAL DATA

Compliance  reviews and auditsshould no longer be manual orscheduled activities

Every endpoint should enrich theholistic data set to create apowerful 'network effect'

FALSE SENSE OF SECURITYMany organisations do not understand or havevisibility of their connected endpoints, what theyconnect to, where and how much data theytransfer or if a rogue endpoint is present. Thisdemonstrates a gap between the perceived andactual risk landscape- a lot of major data breacheshave been active for months if not years. Therefore, security strategies need to change,each endpoint requires autonomy whilst providingreal-time visibility of activity. Every endpointshould enrich the holistic data set to create apowerful 'network effect'.

Hybrid environments and the proliferation of new types of endpoints (e.g. loT devices) create a mesh ofnetwork connections and additional attack vectors. Managing these complex environments is a criticalpart of day-to-day activities and risk management. Organisations strive to maintain security policies and procedures across their environments, but may nothave implemented them consistently. Without a central management platform and an overarchinggovernance model, inconsistencies are difficult to identify and therefore presents a state of undetectedrisk. A major concern for both senior executives and board members is the ability for an organisation toeffectively manage the risks relating to cyber incidents. If a hybrid environment is not configured toprovide consistent governance, not only will the risk likelihood increase but also the costs to managethose environments and changes will take longer to implement.

© 2020 ditno. 4 | Unified Endpoint Firewall Security

HYBRID ENVIRONMENTS

IoT alone is expected to create

50 billion endpointsby 2020 and

75% of organisationsplan to use hybridenvironments. These two areas present a largevariety of opportunities forthreat adversaries to attack.

When analysing risk versus cost, it is important toconsider all aspects, from upfront and ongoingcosts, to personal and impact value. For example,adverse cyber-related publications and databreach investigation can put the average cost of abreach in excess of $5 million. As ditno is offered as a pay-as-you-go service, itimmediately removes upfront and ongoingcommitment costs.

ditno's unified firewall solutions enable telemetry,autonomy, and automation of endpoint security.

Telemetry provides insights into IT servicedependencies and identifies where risk exposureexists and adjustments needs to be made.

Endpoint autonomy ensures all unauthorizedpathways are closed. This protection is consistentacross dispersed environments which significantlyimprove an organisation's risk profile.

Automation increases the efficiency ofdeployment and operational processes bysuggesting the necessary rules and activelymanaging rule usage.

Combining endpoint telemetry, autonomy andautomation creates an effective risk managementsolution with minimal effort and cost.

Isolation of your system is one of the bestcountermeasures to data breaches, ditno caneasily, segment your systems to contain threatswhich immediately demonstrates good ROI.

5 | Unified Endpoint Firewall Security © 2020 ditno.

DELIVERING AND MANAGING IT SECURITY WEAKNESSES

Risk reduction without compromisingcost Isolation of your systems is one

of the best countermeasures todata breaches

ditno's solution is platform agnostic, which allows organisations to standardise security controls andsecurely move workloads between different infrastructure providers. For example, when an endpoint ismigrated from an on-premises to a public cloud environment, the security policies dynamically adapt tomaintain the same level of trust. This presents an opportunity to simplify and standardise deployments and operational processes, whichcreates a consistency in streamlining resistance to change and accelerates the security life cycle acrossthe organisation. For example, the National Institute of Standards and Technology (NIST) Cybersecurity Framework can beused to define and manage an organisation’s risk posture and encourage continuous improvement. ditnoeliminates the need to duplicate designs and implementations across environments which will improveefficiencies and ensure the same risk posture. The following diagram demonstrates how ditno aligns with the NIST Cybersecurity Framework:

6 | Unified Endpoint Firewall Security

Simplification and streamlining resistance to change

© 2020 ditno.

Real time IT security governanceditno’s security governance is the key ingredient thatbinds together diverse environments in an organisation tocreate an effective risk management and organisationalawareness of its risk exposure. Security controls cannot exist alone. They must be partof a broader risk management strategy. ditnoseparates the duties of security policy managementand security governance. Security governanceprovides confirmation that the security controls willremain compliant with a defined governance model. The organisation must have a risk tolerance threshold,this threshold may vary by IT service. For example,some IT services may be accessible from the internetand others definitely not. Network governance is the mechanism by which ITservices are actively assessed to ensure non-compliantcontrols are timely detected and reportedfor  investigation. This will enhance the speed of deliveryand provide comfort to explore and leverage innovativesolutions to improve business solutions.

7 | Unified Endpoint Firewall Security © 2020 ditno.

Network Governance is themechanism by which IT servicesare actively assessed to ensurethat non-compliant controls aretimely detected and reported forinvestigation.

8 | Unified Endpoint Firewall Security © 2020 ditno.

HOW CAN DITNO MAKE SECURITY SIMPLE

Centralised managementManage endpoint firewall security controls from a single unified platformstreamlines IT service delivery. Implementation and operational activities can bestandardised to simplify operational processes and significantly lower risks.

Discovery and visibilityDiscover IT service dependencies to create a secure baseline. A baseline helpsdefine future strategies and improves project and operational efficiencies.Additionally, endpoint telemetry is complemented by event management and SIEMintegration to detect anomalies across the organisation.

Minimise threat impactA breach of one endpoint can be enough for a threat adversary to bring devastationto an organisation. Security controls need to change, they need to be present onevery endpoint and ensure they are within an organisation’s risk appetite - if oneendpoint goes ‘astray' it should be immediately contained to reduce the impact.

?If you have any questions or want to learn more, just reach out to us on our website,ditno.com. We will be happy to answer questions or show you a demo of our platform.

Have a question?

Active governanceditno’s centralised management solution harmonises security policies andsecurity governance across any environments. This ensures security controls arebeing consistently applied and they are within the organisation's risk appetite.

Cost effectivenessAll endpoints adhere to the current risk and security framework. Removing theconcerns and effort of managing different risk profiles allows an organisation tofocus on the IT services. Delivering innovative solutions facilitates increasedrevenue whilst improving operational efficiencies.