You can find the details and video of our Webinar held on Thursday, July 9, 2020, below.
THE ARCHITECTURE CHANGING THE RULES IN CYBER SECURITY: ZERO TRUST NETWORK ACCESS
80% of the applications opened to business partners in 2022 will be accessible through ZTNA.
In 2023, 60% of large companies will start to prefer ZTNA over VPN in their new investments
There are many applications that you share with those who work from home or remotely, 3rd parties or business partners and that you use to transmit this data. Even if you have taken all the necessary cyber security measures within the organization, it is often not possible to control the network and devices from the other party.
With Zero Trust Network Access, users are isolated from network access in the organization and applications are isolated from the internet. This situation; It minimizes the risks that even compromised devices can pose on the corporate network. Unlike network-centric solutions such as VPNs and firewalls, ZTNA basically allows only the applications used to communicate with each other in an isolated environment, rather than connecting to the corporate network and being exposed to the internet.
Today's dynamic business environment and mobile workforce with access to corporate resources need stakeholders and affiliates. TransientAccess guarantees “zero secure” access without providing network access and “exposing” corporate resources to the internet.
[mnky_heading title=”QUESTION-Answer” line_color=”#dd1818″]
How will this solution replace VPN technology in this period of remote working?
We anticipate that it will gradually replace VPN, starting with access to critical applications, due to the added security and operational efficiency we offer.
Does it integrate with the VPN or does it completely eliminate the VPN?
We cannot say that it works integrated with VPN. However, it is possible to run them side by side. However, Gartner, NSA, etc. As stated by the authorities, we expect it to be almost completely replaced by VPN in 2023.
What is the place of this solution in terms of KVKK?
KVKK states that no personal information should be available on the internet without a password. Our solution, on the other hand, meets this need by encrypting the data passing through the internet end-to-end. In addition, we prevent needs with additional security features (encrypting downloaded files, preventing copy/paste function, preventing screenshots).
You mentioned micro segmentation, how do you prevent it from spreading when the attacker accesses the network?
First of all, we would like to point out that in our technology, the end user does not access the central network. In other words, the center is included in the network and does not get an IP address from there. Only one-time temporary network is established between related applications (such as outlook->exchange). After use, this net is thrown away. As soon as the network is established, the application on the end user device is included in this network after being isolated from the operating system by taking it into a micro container. At this point, any application and/or harmful effect on the isolated application by being enclosed in a micro container cannot reach the central network.
If you want to print an output (report etc.) produced by the application on your own machine, or when you want to upload a file on your own machine to the application, how do you use it?
If the File Encryption option is activated, the file will not be readable if it is uploaded to other machines.
Can employees deactivate this usage themselves?
No. Employees cannot deactivate security features themselves.
Can we create network access rules specifically for the user?
Yes. User-based or group-based policies can be created.
Can we assign different access rules to employees with the same duties and responsibilities in the same department while authorizing access? Or are we writing these assignments through these applications as a group?
Yes. User-based or group-based policies can be created.
Can it be redirected to the logging tool as well?
The logs created on the controller component can be automatically directed to the related log collection and analysis software using Python scripts or rest apis.
Too much time wasted for VPN management How much involvement do IT teams need on the system side to manage this solution?
Policies can be defined very easily. The product is designed with safe and easy-to-use principles.
How is MITM prevented in case of device infiltration that may occur in a public place?
In our TransientAccess solution, a 2048bit encrypted temporary and one-time network is established between the application on the end user device and the target application in the center, and this network prevents MITM attacks.
Can an integrated working structure be created with NAC? Can automatic rules be applied to the device defined in the network?
Regarding NAC, anti-debug mode, anti-vm, anti-jailbreak protections can be implemented on both managed and unmanaged devices without any integration with our solution.
[mnky_heading title=”SPEAKERS” line_color=”#dd3333″]
Moderator
Erdem Eriş
CyberArts
Founder & General Manager
Alper Çiçekli
CyberArts
Technical Account Manager
Selhan Bilsay
TransientX
CTO
Melih Kavala
TransientX
Country Sales Manager
KVKK, ISO 270001, Bilgi Güvenliği, Siber Güvenlik ve Bilgi Teknolojileri konularında destek ve teklif almak için lütfen