What if whitelisting were transparent to the end user and automated?
The simplest way to secure a network is to start from zero trust and “whitelist” each device that is authorized to connect. Everything else is excluded by default, so the team only has to manage the devices it trusts. The problem: building and maintaining that list is hard and usually requires manual intervention, which leads to the effort being abandoned or, worse, to the policy being ignored.
The distributed enterprise has been a marvel of mobile empowerment, remote access, and self-serve IT services. The availability of cloud services has revolutionized access to computing resources. But these developments have also unraveled the traditional IT security cocoon that tightly controlled network access.
Driven to the edge
After a decade of centralizing data in cloud-based infrastructure and services, businesses are now pushing intelligence out to the edge of the network, where data can be processed locally rather than being sent to the cloud and waiting for a response. Soon, many companies may be dealing with millions of Internet of Things (IoT) devices, ranging from “dumb” sensors to sophisticated processing systems.
“As a result, we could have the cloud computing perfect storm from the growth of IoT,” writes cloud consultant and commentator David Linthicum. “After all, IoT is about processing device-generated data that is meaningful, and cloud computing is about using data from centralized computing and storage. Growth rates of both can easily become unmanageable.”
Ensuring trust over this ever-expanding cloud and IT environment represents a major challenge for already overburdened IT teams. In many cases, they’re dealing with products and vendors that may be unable to ensure a secure environment. “Through 2018, over 50% of IoT device manufacturers will not be able to address threats from weak authentication practices,” according to Gartner.
Whitelisting would establish trust across the distributed enterprise, but the traditional, manually maintained approach does not scale to it.
“Everybody knows and hates whitelisting,” writes CSO contributor Maria Korolov. “Employees are only allowed to install approved software on their desktops and laptops, so they’re always complaining and asking for exceptions. Management eventually gets fed up with it and stops the experiment.”
Making trust easy to manage
But what if whitelisting were transparent to the end user and automated? According to Tempered Networks, “When you base networking and access control on an identity–based machine, whitelisting becomes a simple way to enforce policy as opposed to attempting to enforce based on IP addresses or blacklists—both of which are vulnerable to spoofing and hacker reconnaissance.”
The difficulties of whitelisting stem from the computing world’s reliance on IP addresses to establish access and authentication. An IP address was designed as a locator, not an identifier: it can be reassigned by DHCP, shared by many hosts behind NAT, and, as many businesses have learned, “spoofed” to impersonate a trusted device or to conceal the true identity of a device accessing a network. A whitelist keyed on addresses is therefore only as trustworthy as the source field of a packet, which the sender controls.
Tempered Networks instead promotes provable machine identity. The IP address is relegated to saying where a host currently is, while who the host is comes from the Host Identity Protocol (HIP). Under HIP each host holds a public/private key pair; a hash of the public key, the Host Identity Tag, names the host in place of its address, and only the holder of the private key can prove that name in the HIP base exchange. Those cryptographic identities can be automatically verified and authorized within an Identity-Defined Networking (IDN) overlay.
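To make the contrast concrete, here is an added example (not code from Tempered Networks, its white paper, or a HIP implementation) in Go that puts an IP-based whitelist next to an identity-based one. The HostID derivation and the nonce challenge/response are simplified stand-ins for HIP’s Host Identity Tag and base exchange, chosen for the example; the function names, the sample address 10.0.0.5 and the generated keys are all constructed here and are not from the original page or from RFC 7401.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// IPAdmit models a traditional IP-based whitelist: it trusts whatever source
// address the packet carries, a field the sender fully controls.
func IPAdmit(allowed map[string]bool, claimedSrc string) bool {
	return allowed[claimedSrc]
}

// Allowlist is an identity-based whitelist keyed by an identifier derived
// from the host's public key, never by its (spoofable, changeable) IP address.
type Allowlist map[string]ed25519.PublicKey

// HostID derives a fixed-length identifier from a public key, in the spirit of
// HIP's Host Identity Tag (a hash of the host's public key). Simplified for the
// example: this is NOT the RFC 7343 ORCHID construction that HIP actually uses.
func HostID(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:16])
}

// Enroll records a host's public key and returns the identifier policy will use.
func (a Allowlist) Enroll(pub ed25519.PublicKey) string {
	id := HostID(pub)
	a[id] = pub
	return id
}

// NewChallenge returns a fresh random nonce. Signing it proves possession of the
// private key for this exchange only, so a captured response cannot be replayed.
func NewChallenge() ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return nonce, nil
}

// Respond is the connecting host's side: sign the verifier's nonce.
func Respond(priv ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(priv, nonce)
}

// Admit is the enforcement point: the claimed identifier must be enrolled, and
// the signature must verify under the enrolled key over this exchange's nonce.
func (a Allowlist) Admit(claimedID string, nonce, sig []byte) error {
	pub, ok := a[claimedID]
	if !ok {
		return errors.New("unknown host identity")
	}
	if !ed25519.Verify(pub, nonce, sig) {
		return errors.New("proof of possession failed")
	}
	return nil
}

func main() {
	// IP-based: an attacker simply writes 10.0.0.5 into the source field.
	ipAllow := map[string]bool{"10.0.0.5": true} // constructed sample policy
	fmt.Println("IP whitelist admits spoofed 10.0.0.5:", IPAdmit(ipAllow, "10.0.0.5"))

	// Identity-based: enroll one legitimate host.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	al := Allowlist{}
	id := al.Enroll(pub)

	nonce, _ := NewChallenge()
	fmt.Println("legitimate host admitted:", al.Admit(id, nonce, Respond(priv, nonce)) == nil)

	// An attacker copies the identifier off the wire but holds a different key.
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	fmt.Println("spoofed identity admitted:", al.Admit(id, nonce, Respond(attackerPriv, nonce)) == nil)
}
```

The point of the example is the shape of the check, not the toy hash: in both designs the connecting host asserts a name, but only the identity-based check demands evidence that the asserting host holds the key behind that name, and ties that evidence to a fresh nonce so it cannot be replayed from a captured session.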
With IDN, only hosts that can prove their identity are recognized, which turns whitelisting into an automatic and manageable process: the whitelist becomes a set of cryptographic identities rather than a set of addresses. To find out how you can bring trust back into your network, read this white paper.