“Many enterprises are completely unaware of the managed hyperscale services available from MSPs” says Drew Lydecker, president and co-founder of AVANT. “It’s become impossible for an individual to keep up with all the thousands of new features and changes hyperscale’s are deploying each year. That’s where MSPs excel. They stay on top of all the changes and help companies use platforms more effectively and securely.” Given that the perimeter-based approach of data center security is far too limited to meet the needs of cloud computing, the concept of “defense-in-depth” is rapidly giving way to a new, cloud-centric approach called “Zero Trust.” One can make the case that Zero Trust works with the assumption that the entire network is already compromised. That is a bit of an overstatement, but Zero Trust is indeed based on a lack of trust in devices and machines. “One part is knowing how to do authentication around users, around groups and around roles, ex- plained Ray Watson of Masergy. “AI and machine learning can be used to watch for anomalous behav- iors, triggering alerts very similar to what happens when there is a weird charge on your credit card.” Taking that one step further, the use of multifactor authentication is typically a good idea. In most cases, this involves a code being transmitted to the user’s mobile phone via SMS. The user then enters that code into the application interface and, if the code is entered correctly, access is granted. While multifactor authentication is not an absolute guarantee that unauthorized people will not access your resources, it is an important layer of extra protection that is neither expensive nor especially difficult for individual users. “Instead of thinking we are going to be able to defend all attacks, it’s really coming down to reducing dwell time which is how long the bad guys are inside,” Watson added. “It’s also about segmentation, which is really about making sure that if someone does get in, they can’t gain access to the corporate jewels, so to speak. Many people today are talking about managed detection and response, in which we see when an attacker penetrate and then immediately act to minimize the damage.” “It’s become impossible for an individual to keep up with all the thousands of new features and changes hyperscale’s are deploy- ing each year.” Copyright © 2020 AVANT Communications, Inc. 27
Managed Security Trends and Insights Page 27 Page 29