Revamping Enterprise Security for a Focus on Applications

Rethinking Enterprise Security in the Age of Modern Applications

By: Mani Sundaram, Executive Vice President, Security Technology Group, Akamai Technologies

Over the past two decades, the landscape of enterprise IT infrastructure has undergone a remarkable transformation. Modern applications now operate seamlessly across a blend of on-premises, cloud, and Software as a Service (SaaS) platforms. The methods of access have expanded beyond traditional user interfaces to encompass machine-to-machine interactions via Application Programming Interfaces (APIs). This evolution has ushered in a plethora of business benefits, including reduced IT complexity, streamlined processes, enhanced third-party partnerships, improved user experiences through better integration, and optimized application performance through the adoption of microservices.

However, this progress comes with a stark reality: threat actors are also innovating. The distributed and interconnected nature of modern applications, coupled with new attack vectors such as APIs, presents unique challenges that traditional enterprise security measures were not designed to address. For enterprise security teams, this necessitates a paradigm shift from a perimeter-centric view of security to a strategy that aligns with modern application delivery and consumption models.

Rethinking the Security Perimeter

For decades, enterprise security has primarily focused on preventing unauthorized access from external threats. While maintaining robust perimeter security remains essential, the landscape has evolved significantly. Core IT assets, whether on-premises or cloud-based, must be fortified against external threats. However, many attackers now exploit vulnerabilities in modern application delivery—such as compromised credentials or flawed APIs—allowing them to bypass traditional defenses altogether.

This new threat landscape calls for a two-pronged security strategy: first, to identify and eliminate gaps in security controls before they can be exploited; and second, to acknowledge that security breakdowns are inevitable and to take proactive measures to limit the “blast radius” while accelerating detection and response when incidents occur.

A Modernized Enterprise Security Architecture

Two decades ago, most enterprise environments operated within a well-defined perimeter, with firewalls serving as the primary control points—akin to a castle-and-moat approach to network security. Beyond this perimeter lay a relatively flat network, making breaches an all-or-nothing proposition. Once a threat actor gained access, little could prevent them from discovering vulnerable internal systems and moving laterally toward higher-value IT assets.

In response, security teams often tried to mitigate this risk by adding firewall choke points within the internal network. Unfortunately, these architectures frequently did more harm than good. They introduced significant cost and administrative overhead for security teams, created performance bottlenecks, and provided policy enforcement that was often too coarse to effectively slow the advance of sophisticated threat actors.

Essential Elements of a Modern Security Architecture

Today, the concept of a perimeter has become obsolete. Consequently, modern security architecture must incorporate the following essential elements:

  1. Zero Trust Network Access (ZTNA): This model defends against north-south attacks, including scenarios where a threat actor compromises a legitimate user’s device or credentials.

  2. Identity-Based Authentication and Authorization: Both human and machine identities must be verified continuously and granted access only to the resources necessary for their essential functions.

  3. Adaptive and Granular Micro-Segmentation: This framework mitigates east-west attacks by preventing threat actors from using an initial point of compromise to advance toward high-value on-premises or cloud assets.

  4. Advanced Protection Against API Threats: As the use of APIs grows, so too does the complexity of the threats they introduce. Robust protection mechanisms are essential.

  5. Application Protection Against Fraud and Vulnerabilities: Safeguarding applications from various types of fraud and other vulnerabilities is critical in today’s threat landscape.

  6. Scalable Defense Against DDoS and DNS-Based Attacks: Hybrid environments must be equipped to defend against distributed denial-of-service (DDoS) attacks and DNS-based threats.

This modern enterprise security architecture promotes a strong layered defense-in-depth approach while emphasizing application-level controls, such as Web Application and API Protection (WAAP). However, it is equally important to recognize that breaches can never be entirely avoided. Therefore, advancing Zero Trust principles from theory to real-world implementation is crucial. Techniques like ZTNA and micro-segmentation can significantly mitigate lateral movement within networks.

Conclusion

As enterprise IT infrastructure continues to evolve, so too must our approach to security. The shift from a perimeter-centric view to a modernized security architecture is not just a necessity; it is an imperative for organizations aiming to protect their assets in an increasingly complex threat landscape. By embracing a comprehensive security strategy that incorporates the essential elements outlined above, enterprises can better safeguard their applications and data against the ever-evolving tactics of threat actors. In this new era of interconnectedness, a proactive and adaptive security posture is the key to resilience and success.
