With RSA Conference close at hand, we sat down with Gautam Mehandru, Illumio’s global vice president of product, solutions and technical marketing, to hear his thoughts on practical ways of approaching Zero Trust security to defend against ransomware and other cyberattacks.
What trends do you see shaping the IT industry today?
Gautam Mehandru: The IT industry overall is going through a major transition. The way that companies have historically deployed, managed and secured applications and their workloads is rapidly evolving.
A growing percentage of workloads are moving to the cloud, though many applications still live on-premises in company data centers. For the foreseeable future, most modern enterprises will be adopting a hybrid IT model that combines on-premises systems with hyper-scale cloud providers.
If you ask most any organization what benefits they’re trying to achieve from this hybrid IT model, they’ll tell you that they’re after agility and flexibility.
Hybrid IT gives you those benefits, but it also creates more complex security risks and expands the digital attack surface for an enterprise. The diversity of environments and systems in hybrid IT creates gaps in visibility, control and security.
When you have workloads running everywhere, it’s harder to see what’s happening with them. It’s harder to centralize control over them, and that means it’s also harder to defend against cyberattacks.
An attack can breach a device anywhere in this hybrid environment and quickly spread to cripple an organization before it has time to respond. Security analysts, for example, found that ransomware can encrypt 100,000 files in as little as 5 minutes and the medium time for the most common ransomware to seize control of key assets is 45 minutes.
Without new security tools to defend modern, highly distributed computing infrastructure, companies are at risk of similar attacks striking them, too. Manual response methods, as well as traditional endpoint detection and response (EDR) tools, simply can't address these sorts of risks effectively.
Let’s face it. Breaches are going to happen. Somewhere in an organization's IT landscape, an endpoint device will fall victim to attack. The question is, does the organization have the tools in place to immediately detect the attack? Can they quickly contain the attack and keep operations going?
This is now an essential requirement for any enterprise adopting hybrid IT: Assume you will be breached and prepare accordingly.
How is Zero Trust security helping companies address the challenges of hybrid IT environments?
Gautam Mehandru: Companies of all sizes need modernized security practices to protect themselves from today's growing risks from ransomware and other kinds of cyberattacks.
By enforcing Zero Trust policies that deny access to all traffic not explicitly authorized by the organization, Zero Trust Segmentation prevents attackers from engaging in "lateral movement." Malware or a hacker might be able to breach a single endpoint device, but Zero Trust Segmentation stops attacks from moving across the network beyond that initial point of entry.
Once you have the mindset that breaches will happen — that breaches are now a fact of life for every organization everywhere — then the necessity of Zero Trust Segmentation is clear.
It’s a necessity because it’s the only approach that's proven to stop breaches from spreading from a single computer into something catastrophic. Such protection is now essential to ensuring cyber resilience from today's diverse and growing security threats.
How does Illumio help support organizations in their drive towards Zero Trust security?
Gautam Mehandru: Overall, and most importantly, we've created a simple to use, highly scalable way for any organization to implement segmentation down to the application workload level. This provides unprecedented, fine-grained control of how you can segment and firewall off various parts within your IT infrastructure. This kind of segmentation, what we call Zero Trust Segmentation, is fundamental to implementing true Zero Trust security.
In more detail, Illumio first provides real-time visibility into application communications across hybrid IT environments. Second, Illumio lets you transform that visibility into easy-to-create segmentation access policies to protect your most critical resources. Finally, with Illumio, you can enforce increasingly granular security segmentation policies for all kinds of workloads.
And with Illumio, you can take it a step at a time. Every step of the way, you're increasing your security posture.
You can start by blocking some usual culprit ports. You can then move to separating your development environment from your production environment.
And over time you can enforce more and more granular policies to where you've completely segmented your environment at the workload level.
So, it's up to each organization in how it implements Zero Trust security, but the Illumio platform helps them achieve Zero Trust objectives by providing a simple way to create tighter segmentation security controls.
What makes Illumio different from other segmentation solutions on the market?
Gautam Mehandru: Completeness and ease of use. There are a lot of point solutions out there that handle one or two aspects of Zero Trust security or segmentation. Many of these products are limited in their applicability to very homogenous environments, such as everything running on-premises.
They're not purpose-built like Illumio for modern IT architectures. We're the only platform on the market that makes microsegmentation easy and highly scalable for hybrid IT.
To keep your organization secure, you need to be able to enforce the right segmentation policies for each workload in whatever environment it happens to be running in. It's impossible to do this using traditional firewalls and networking gear. And that's why Illumio was created.
Illumio not only helps you easily set up the right policies, it dynamically updates and maintains that consistent security posture as workloads move around.
All together, Illumio delivers the agility and flexibility required by hybrid IT. It is modern security that can keep businesses safe while keeping up with today's new way of doing business.
Meet Us at RSA Conference
Drop by the Illumio booth (#5555, Moscone North) and ask for a demo to learn more about Zero Trust Segmentation and its benefits for containing ransomware attacks.
We’ll be glad to show you how we make Zero Trust Segmentation fast and easy to implement for companies of all sizes.