A new data breach is revealed to the public every day. Some of the most recent ones that included large businesses are Mailchimp, LastPass, and T-Mobile. One of the many reasons we increasingly read about such incidents is that it’s getting more and more challenging to protect the assets of a business. The truth is that cyber criminals are getting savvier by the day, and their attack methods, such as malware, are becoming more sophisticated.
Organizations face a multitude of hacking threats that target their increasingly complex infrastructures. To fight them, businesses deploy Secure Access Service Edge (SASE) to both improve and simplify their cybersecurity. How does SASE help modern companies protect data and people from malicious hacking? Here, we discuss the key capabilities of the tool and how it can aid in the prevention of high-profile breaches such as those at Mailchimp, LastPass, and T-Mobile.
Uniting Siloed Solutions
When businesses add new devices or software to their existing infrastructures, they have new technology that needs to be protected against cyber attacks.
The adoption of the cloud and components from multiple vendors means that organizations have created complex architectures that are guarded by a high number of security points.
What was once basic protection consisting of a firewall and antivirus software has escalated into over 36 security points (on average for businesses) that are part of the regular protective architecture.
SASE combines the capabilities of multiple different security solutions, including:
- A Cloud Access Security Broker (CASB) -- used for enforcing policies and monitoring traffic between the user and the cloud component
- Secure web gateway -- applied for the regulation of web traffic of a company and blocking harmful websites and applications
- Zero Trust Network Access (ZTNA) -- enforces zero trust policy as the core of its security model
- Software Defined Wide Area Network (SD-WAN) -- the program utilized for the management of wide area networks
Even more, SASE relies on a single dashboard from which the security professionals can have visibility of the cloud environment security and its vulnerabilities.
This feature is important because there is currently a shortage of cybersecurity professionals. Those who are still working in the field tend to be overwhelmed. This is due to the large number of alerts coming from various tools, and they tend to feel fatigued after constantly switching from one dashboard to another.
Many of the notifications are repetitive (since different solutions send out the same alerts) or don’t even point to high-risk threats.
Although zero trust has become a buzzword in cybersecurity of late, this tool can help teams detect unauthorized access attempts within cloud environments.
If enforced properly, zero trust should apply the "never trust, always verify" principle to anyone who attempts to use their credentials and access the system.
This means that even users who have the right credentials are treated as if they could be threat actors who managed to obtain credentials somewhere else.
As a result, the criminal doesn’t get deeper access into the network of a company where they could steal sensitive data.
The access could be limited based on the role of a person within the company -- meaning not every user can access the entire system but just the parts they need for work.
In SASE, this policy is possible via ZTNA -- a set of technologies that apply the zero trust principle. Since it reduces latency and provides security for remote workers, ZTNA is also often used as a replacement for a Virtual Private Network (VPN). Could it help in the prevention of the latest Mailchimp data breach?
Mailchimp Data Breach
On January 11, the email marketing company Mailchimp said that they noticed unauthorized activity. In the case of Mailchimp, hackers used employee credentials they gained after a phishing attack, which allowed them to access the admin account. 133 user accounts and their data were compromised in the attack.
Protecting Data in the Cloud
One of the capabilities of SASE is that it can detect sensitive information within the system. It helps companies know where their most valuable information is placed and whether it’s being affected by hacking activity. Moreover, policies that safeguard the data even further can be applied to targeted information.
LastPass Data Breach
On December 22, in a now controversial attack due to a lack of transparency and security policies, it came to light that the company that provides the password manager, LastPass, had been hacked.
LastPass uses cloud-based storage, the access to which was compromised after the hacker gained illicit access to a developer account. Luckily, the company doesn’t have master passwords, but hackers did gain user information such as encrypted password vaults and account information.
Advanced Hacking Protection
Some of the more sophisticated protection that SASE offers includes:
- Application Programming Interface (API) protection
API security is built to prevent hacking threats that attempt to exploit vulnerable API components. Sandboxing refers to isolating the code that is likely to be malicious and testing it in a safe environment. It’s often applied by web browsers as a way to assess the security of certain websites.
T-Mobile Data Breach
For instance, in another major breach that was revealed on January 17, T-Mobile shared that the threat actor obtained information from 37 million user accounts.
The data that was stolen includes birthdays, names, and telephone numbers. The threat actor didn’t gather any sensitive information or jeopardize the network itself.
Their security teams uncovered the hacking activity on January 5 and mitigated it the next day. The culprit for the attack was a vulnerable API.
Facilitating Cloud Security For Less
Ever since the rise of remote work, there has been an increased need for cloud environments that enable online services and cost-effective scalability.
The latest Mailchimp, T-Mobile, and LastPass data breaches show us that even major companies that handle a lot of user data still have major gaps in their security - even those with extensive security teams.
The SASE model is designed to protect and mitigate threats within modern and complex environments without lag and at a lower cost.
Peter Davidson works as a senior business associate helping brands and startups to make efficient business decisions and plan proper business strategies. He is a big gadget freak who loves to share his views on the latest technologies and applications.