Note: This post is the continuation of the post that we published on July 19 as well as the one corresponding to the 4th of July. These make up an article that was published in the magazine SIC, Nº 125 of June of 2017.

Isolation 360º

To ensure that a particular corporate environment is actually isolated from the types of vulnerabilities being described in this article, it needs to be isolated in the five historical axes of infection and propagation.

●        Isolation of employees’ Internet output

Isolate the internal network of the company of the possible threats that arrive at the devices of the users caused by the navigation to the Internet and the access to external servers not known.

  • Isolation of customer access from the Internet to the services provided

Isolate all applications and services exposed by the company from the threats present on users’ devices.

  • Isolation of external access of employees to internal networks

Isolate companies from the vulnerabilities that can be caused by their employees’ “secure” connections, when done from outside. You must consider both the malware that the device from which the employee is connected, and any attacks that may come from the external network from which you connect.

  • Isolation between CPD and user networks

Asylum CPDs of user networks is a growing need. The interconnection of user networks, the difficulty of preventing them from connecting to poorly protected networks, and the increasingly complex task of keeping patched devices up to date makes isolation between CPDs and their user networks fundamental.

  • Isolation of shared connections with external companies (outsourcing – suppliers)

    If in the previous point we stated the need to isolate the CPDs from their networks of users, this becomes an imperative necessity when it comes to isolating the CPDs from the networks of the providers.

.If the five axes are simultaneously isolated, a 360º protection environment is generated, both in user networks and in CPDs.

 Looking Inside the Isolation System

One of the paths that open us in the near future is to be able to record, see, and look at what goes on inside the isolation system, it will bring us new protection capabilities that until now we had not even intuited.

.

One of the most interesting aspects of isolation systems is that they have at one point the ability to analyze all the activity of the users of the systems, whether employees, customers or collaborating companies. If the isolation system incorporates the ability to save in text mode what it converts to visualization protocols, the possibilities that open from the point of view of the knowledge of what happens inside the corporations can happen to a new stage.

●        Smart Isolation

Machine learning inside the insulation. By having the full flow of employee and customer sessions, you can begin to set up advanced analytics models to detect anomalies in Layer 8.

  • ●        Smart recovery

    The ability to see and analyze the type of applications that each employee uses that have to be connected to the inside of the companies, will allow to have a very accurate profile each employee. One of the great advantages of this type of knowledge will be to be able to instantly deliver to each employee a PC with the applications and configurations that it needs, always updated.

  • .

    In the same way that firewalls changed security strategies two decades ago, isolation systems are beginning to be seen as a technology that will transform us concepts and models of protection of information systems.