Click to learn more about author Don Boxley.
World Password Day was born back in 2005 when security researcher Mark Burnett suggested that everyone embrace a specific day in which they update their digital passwords. According to National Day Calendar, this idea gained traction in May 2013, when Intel Security selected the first Thursday each May as World Password Day.
As we marked the occasion this year on May 6, I was reminded of the opportunity that this unique “celebration” gives businesses and individuals: a dedicated date to devote to password hygiene, the result of which can be data protection. And such protection is certainly needed when you recognize that around 4,000 ransomware attacks occur daily.
Yet while password selection can be helpful when done correctly, many organizations and others fail to maximize their password selection criteria – or maybe just don’t know what the best practices are in this arena. The result is a plethora of predictable, hacker-friendly passwords that compromise data security.
Here’s the thing, though, that’s no secret to IT administrators: No matter how complex and random your password is, and even if you continuously change it, that’s not enough to bring peace of mind that your data is sufficiently safeguarded. This has led to many IT administrators fortifying data security with additional layers. But today, given the increase in and sophistication of ransomware attacks, which data security solution is the best to pair with passwords?
Many organizations have traditionally relied on virtual private networks (VPNs) for data security, but VPNs are no longer as reliable in today’s ransomware-saturated environment. Recent research bears this out, showing 62% of IT professionals surveyed who used VPNs for network access or security cited insufficient security at the top of their list of pain points related to this solution. A sizable number also cited issues with cost (46%), performance (45%), manageability (44%), and disaster recovery reliability (48%). Even more impactful was the fact that around 40% of respondents believed that their network had already been breached by ransomware or another bad actor.
In the wake of World Password Day, I’d like to offer the following four reasons why, while passwords are important and VPNs played a role in yesterday’s data security, the right move today is incorporating a different solution along with password best practices: software defined perimeter (SDP) software.
1. Networking security needs to be impenetrable.
Clearly, VPNs are too limited in offering networks iron-clad data security – even when excellent passwords are used. What’s needed is the “zero trust” architecture of SDP, which removes the ability of a hacker to execute a lateral attack. By keeping users from getting their mitts on any apps that they haven’t received authorization to access, IT avoids giving users full network access. SDP features encrypted micro-tunnels, which protect data and allow it to be transported directly between users, sites, and clouds. Both tunnels and servers become untrackable by hacking tools like port scanners.
2. Traditional solutions bring management headaches.
VPNs have also become synonymous with the opposite of configuration and management simplicity. From ACLs to firewalls, the pain points multiply with appliances to install, configure, deploy, manage, or maintain. SDP, on the other hand, gets around this with vastly simplified installation and deployment; it’s really as easy as “install and connect.” Remote users, regardless of location, have the ability to connect to their micro-tunnels wherever they are, enabling easy management of remote users.
3. SDP keeps costs down.
Once you accept that passwords need a booster solution and start weighing your options, you’ll quickly notice the cost differential between traditional solutions and SDP. VPN’s costs include dedicated VPN appliances, and also often the requirement of forking over money by the hour to cloud vendors in order to access a VPN connection. SDP needs no such dedicated appliances, doesn’t charge cloud vendor fees, and avoids costly direct links, resulting in substantial savings.
4. VPN performance is suboptimal.
VPNs are plagued by performance issues and speed challenges without direct connection. SDP, on the other hand, offers optimal speeds. Gateway configuration is possible on any commodity hardware, and users can either add or remove resources. Connecting from anywhere through micro-tunnels that can be made redundant and highly available means that SDP solutions result in higher performance than VPN security efforts.
Bottom line: When SDP is paired with effective passwords, users enjoy cost-effective, easy-to-manage, highly performant, impenetrable security.