The evolving nature of access control in the era of cloud and mobile
The advent of mobility and cloud has created significant challenges for organisations seeking to ensure maximum productivity of their employees, while protecting their network against internal and external threats, through the right access control.
Pulse Secure is a leading provider of access and mobile security solutions to both enterprises and service providers. Enterprises use the company's Pulse virtual private network (VPN), network access control and mobile security products to enable end user mobility securely and seamlessly in their organizations.
“Think of us as the gateway for a user to be productive, as it relates to accessing either a data centre or an application or a cloud or a mobile device. We are at the intersection of those four entities and our job is to provide access services, authorisation, authentication, single sign-on capabilities, compliance of devices and so on,” Mr. Ramakrishna said.
Evolution of access control
Till a few years ago, access control meant remote access. When you are working on the road, or at home, how do you gain access to the office. But now, with mobile and cloud, access has a completely different meaning because there’s no such thing as remote.
“For instance, I am here and my Pulse Secure network is here, it’s not in San Jose. Because I am part of my network. The network has extended to the device, to the person, the network has extended to the cloud,” he said.
The challenge in access has become about delivering access where there is more mobility, more cloud, where everybody is either completely remote or nobody is remote.
Pulse Secure’s approach is to make sure that as a user you shouldn’t have to know whether you are inside your office or outside the office. You should be able to access your resources in the exact same way in both cases, providing a consistent user experience and ensuring maximum productivity.
So, the software solution has to know how to provide connectivity when you are outside or when you are inside the network, which is a capability delivered by the Pulse Secure software.
“Our ability to say is this device compromised is another capability that we provide. By compromise what I mean is if a device is jailbroken, then we can recognise it and then take corrective steps. That has become very important in industries that care about compliance or industries that are bound by regulations, like government entities, financial sector, banking,” Mr. Ramakrishna added.
Many CIOs are still thinking about the problem in very traditional ways, not in line with how the world is evolving. If we think access to data centres, access to cloud, access to applications as different forms of access, it leads to the creation of silos. User-related information gets replicated across each of those, resulting in inefficiencies. Also, more user and administrative domains create the opportunity for configuration mistakes across the domains which could potentially create security holes in the infrastructure. Consolidating the forms of access provides better efficiencies, along with improvement in the security posture.
Working with educational institutions, governments and NGOs
In Singapore, NGOs and government and education institutions are Pulse Secure’s predominant customers. Over 80% of tertiary educational institutions in Singapore are customers of Pulse Secure. We asked how they are using Pulse Secure solutions.
Mr. Ramakirshna replied that initially they were using it was for mostly remote access, for providing laptops, desktops and mobile phone access into the enterprise. But increasingly they are using it for network access. In many educational institutions students can take their own laptops and mobile devices to school. But the responsibility of protecting the network still lies with the school.
“When you open up your laptop, who decides whether you should get access or not, who decides whether whatever you are doing is legal or not. Also, we want to do it in a way where it doesn’t seem very intrusive from a user experience standpoint. Increasingly educational institutions are leveraging us for that capability as well,” said Mr. Ramakrishna.
Organisations today are recognising that threats can arise internally and externally. The traditional way of thinking about cybersecurity is to protect the enterprise against attacks from the outside. That was the general idea. But that’s no longer the case. Today both the inside and the outside of the network have to be protected. Whereas previously people were using Pulse Secure solutions simply for connectivity from the outside, now they are using it for network access from the inside as well.
As a business historically, Pulse Secure took a lot of effort to work with the Federal Government in the US, and achieved all the certifications needed to support the Federal government.
“My experience is almost every government agency in the world uses some different flavour of what the federal government standards are in the US. So, for us, the barrier to entry in various countries, say India or Singapore, are not that great. Because we have gone through the heavy lifting of having done those certifications in the US already,” Mr. Ramakrishna said.
NGOs might suffer from resource constraints. So, it is important that the products and deployments be so simple that there is no requirement for huge IT infrastructure or many people to deploy it.
Mr. Ramakrishna said, “There is a phrase that people use for our software. They say set it and forget it. That means that you set it up and then you can forget about it because it’s working all the time.”