Pulse Secure, the globally renowned provider of Zero Trust Secure Access solutions, has announced that the COVID-19 pandemic has not impacted the adoption of Zero Trust technology globally. In fact, nearly two thirds of organisations (60%) said that they have accelerated Zero Trust implementation during the pandemic, according to the ‘Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation’. Enterprise Zero Trust Networking Strategies The’ Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation’, conducted by Enterprise Management Associates (EMA) and sponsored by Pulse Secure, surveyed more than 250 technology professionals. The report examines how enterprises are moving forward with Zero Trust networking initiatives The newly published report examines how enterprises are moving forward with Zero Trust networking initiatives, where they’re being successful in doing so, and how COVID-19 has affected the forward movement of those projects. Accelerating Zero Trust initiatives The research found that the main difference between those who were successful in moving their Zero Trust initiatives forward were those that started out with formalised Zero Trust projects. Those that had dedicated budgets and formal initiatives - (69%) were far more likely to continue accelerating those projects throughout the pandemic, while those that had ad hoc Zero Trust projects were more likely to stall progress or stop entirely. Increased leverage of cloud resources and applications “The global pandemic has had some profound effects on the enterprise with remote working being rolled out on an unprecedented scale, increased leverage of cloud resources and applications, and the transition to greater workplace flexibility,” said Scott Gordon, Chief Marketing Officer at Pulse Secure. Scott adds, “The findings indicate that organisations that advance their initiatives and planning towards Zero Trust process and technology implementation will be ahead of the digital transformation curve and much more resilient to threats and crises.” Bringing Zero Trust Networking into enterprise environments Enterprises were overwhelmingly positive about their success in pursuing Zero Trust Networking The research survey went further into enterprises’ efforts to bring about Zero Trust Networking in their environments. More than four out of five respondents (85%) have defined Zero Trust initiatives. However, less than half of the enterprises (42%) have received added budget for their projects. The Zero Trust projects that did receive added budget were more likely to persist through the COVID-19 pandemic period. Enterprises were overwhelmingly positive about their success in pursuing Zero Trust Networking, with the majority (94%) indicating degrees of success, half (50%) labeled their efforts as successful and less than half (44%) of respondents indicating somewhat successful. Combining security and networking teams Dedicated Zero Trust projects tend to be interdisciplinary, bringing together security and networking teams. In 45% of such projects, security and networking teams have a Zero Trust partnership in which they formally share tools and processes. In half of the cases (50%), enterprises created a taskforce from both teams to pursue Zero Trust. The three primary ways in which they collaborated were by coordinating access security controls across different systems (48%), assessing access security control requirements (41%) and defining access requirements according to user, role, data and application (40%). Issues with Zero Trust taskforces and partnerships However, the survey found that collaboration is not without its own roadblocks. 85% of respondents in Zero Trust taskforces and partnerships found themselves struggling with cross-team skills gaps (33%), a lack of tools and processes that might facilitate collaboration (31%), and budget conflicts (31%). Enterprises are clearly accelerating efforts to adopt Zero Trust networking initiatives" “Enterprises are clearly accelerating efforts to adopt Zero Trust networking initiatives. The survey shows that organisations that move forward with formal initiatives and budget are more likely to achieve implementation success and operational gain,” said Shamus McGillicuddy, Vice President of Research at Enterprise Management Associates. Shamus adds, “We appreciate Pulse Secure’s support and sponsorship of this report that organisations can use to benchmark and progress their Zero Trust programs.” Additional key findings include: Prime Zero Trust Benefits: When asked what they consider to be the prime benefit of Zero Trust networks, respondents said IT operations agility (40%), improved governance risk and compliance (35%), breach prevention (34%), reducing the attack surface (31%) and unauthorised access mitigation (28%) ranked among the strongest responses. Hybrid IT Remote Access: Respondents are applying hybrid IT requirement to Secure Remote Access requirements within their Zero Trust Network Strategy, while the majority (62%) of the enterprises wanted cloud application access, half of enterprises access to public and private cloud resources and applications. IoT Device Exposures: Respondents discussed their position towards IoT devices which cannot be provided with the user identities on which Zero Trust is based and how they intend to create access policies for them. Over a third (36%) said that devices would receive tailored access privileges based on function and characteristics, others said that all devices would receive a generic minimum level of access privileges (28%) and that untrusted devices would have limited network access with no access to high risk or compliance zones (23%). Research survey details The’ Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network Segmentation’ research surveyed 252 technology professionals, including executive IT leadership executives (43%) and security managers (33%). The majority (54%) of the respondents worked in large enterprises that spanned multiple industries, with a concentration from professional services, manufacturers, software, retail sector and financial services. The research survey had a majority (63%) of organisations based in North America, with over a third (37%) spread across Europe, primarily in the countries of France, Germany, and the United Kingdom.
Pulse Secure, a renowned provider of software-defined Secure Access solutions, announced that Enterprise Management Associates (EMA) has honoured Pulse Secure among the industry’s top secure access platform vendors. Pulse Secure was selected by EMA as a “Top Three” vendor in enabling secure remote access across hybrid business networks. According to the 2020 EMA Secure Access Decision Guide, remote workforces increasingly require access to business applications, data, and services from a variety of devices through the Internet and unsecured public networks, increasing exposures to attack and risks of compliance failures. Secure remote access We surveyed IT decision makers to identify the top 10 key secure access initiatives" Secure access solutions with identity and device security features must create intuitive, compliant and protected connections for workers to access essential IT resources across business networks, private clouds, and SaaS environments. In 2020, requirements for enabling secure access from remote workers to hybrid IT business networks accelerated rapidly and substantially. As a result of the COVID-19 pandemic and global stay-at-home orders, workforces in nearly every business sector were suddenly required to enable remote access capabilities in order to continue operations. Solutions enabling employees to work remotely became a critical lifeline during the most challenging days of operational restrictions and trends towards increased workplace flexibility and permanent work from home requirements are expected to define secure remote access capabilities as a key element of IT enablement into the future. Minimise risk profiles The EMA Decision Guide provides actionable advice on the best practices and solutions organisations should adopt to empower end-user productivity and minimise risk profiles when enabling secure access to business IT resources. “We surveyed IT decision makers to identify the top 10 key secure access initiatives and then evaluated over 100 products across these business priorities by analysing a broad array of vendor product briefings, case studies and demonstrations,” noted EMA Research Director and Report Author, Steve Brasen. Access business applications Pulse Secure brings together core secure access capabilities with required interoperability for hybrid IT "EMA's detailed and independent assessment of this market clearly identified Pulse Secure among leading secure access platform providers and top three solution for enabling workforces to remotely and securely access business applications, data, and IT services across hybrid IT environments." Pulse Secure brings together core secure access capabilities with required interoperability for hybrid IT. The company’s Zero Trust value proposition is realised through its Pulse Access Suite, which delivers protected connectivity, endpoint compliance, operational intelligence, and threat mitigation across mobile, network, and multi-cloud environments. Data protection requirements Pulse Connect Secure (PCS), the company’s flagship secure remote access solution, offers rapid deployment and single-pane-of-glass management while ensuring user productivity with easy, optimised and protected access to data centre and multi-cloud applications. “Pulse Secure enables enterprises to accelerate their digital transformation strategies and flexibly migrate from data centre to multi-cloud computing while addressing diverse user, business and data protection requirements,” said Scott Gordon, Chief Marketing Officer at Pulse Secure. Clientless web access portal Pulse Secure has also extended its Pulse Cares programme through September 30, 2020 “EMA’s recognition of Pulse Secure as an industry-leading secure access vendor for hybrid IT is testament to our focus on enabling user productivity and our passion to innovate while being mindful to optimise our customers’ business opportunities, resources and investments.” Pulse Access Suite and Pulse Connect Secure capabilities highlighted in the EMA report include: Extensive Secure VPN connection modes: always-on, on-demand, or only when utilising specific applications, as well as split tunneling and multi-tunneling. Layer 2, layer 3 and layer 7 access security with broad application support. Ensures compliance with support for MFA and SSO authenticators (e.g., SAML IdP and SD), and user and device security before and during connections. Simplifies administration with wizards, granular policy settings, and adaptive access with built-in UEBA. Pulse One management platform to automate appliance and policy administration while viewing an operational dashboard. Unified Client, agent and agentless, for VPN, SDP and NAC, as well as clientless web access portal. Accelerate digital business Organisations can try Pulse Connect Secure and other integrated solutions that comprise the Pulse Access Suite by visiting the official website of the company. Pulse Secure has also extended its Pulse Cares programme through September 30, 2020, providing flexible licensing and expedited deployment and capacity enhancement to support business continuity as organisations extend workplace flexibility and accelerate digital business in the wake of the COVID-19 global health crisis. The abridged version of the “2020 EMA Top 3 Report and Decision Guide for Enabling Secure Access to Enterprise IT Services” can be downloaded from EMA website.
Despite security issues and concerns resulting from the massive and sudden increase in work-from-home (WFH) initiatives caused by the global COVID-19 healthcare crisis, one-third (38%) of U.S. companies observed productivity gains during remote work and a staggering 84% anticipate broader and more permanent WFH adoption beyond the pandemic, according to new data released by Pulse Secure, the provider of software-defined Secure Access solutions. Anticipate positions moving to permanent remote work The 2020 Remote Work-From-Home Cybersecurity Report, sponsored by Pulse Secure and produced by Cybersecurity Insiders, offers an in-depth perspective on WFH challenges, concerns, strategies and anticipated outcomes. The survey, conducted in May of 2020, polled over 400 IT security decision practitioners across a broad representation of industries and companies between 500 and over 5,000 employees. The survey found that 33% of U.S. companies anticipate some positions moving to permanent remote work and over half (55%) plan to increase their budget for secure remote work in the near-term. “This new research provides organisations comparative insight into how enterprises are addressing immediate work-from-home requirements and cyber threat challenges to ensure business continuity and employee well-being,” said Scott Gordon, chief marketing officer at Pulse Secure. “Beyond offering a wake-up call for emergency preparedness, the findings indicate a strong likelihood of organisations permanently extending work-from-home flexibility and advancing secure access capabilities.” WFH adoption accelerated cloud app growth The research indicates that three-quarters of businesses now have more than 76% of their employees working from home compared to just under 25% at the close of 2019. While a third of respondents cited their business being “ill prepared or not prepared” for remote working, 75% of businesses were able to transition to remote working within 15 days. Surprisingly, less than a third expressed cost or budget problems, demonstrating the urgency to support their business. Additionally, more than half (54%) expressed that COVID-19 has accelerated migration of users’ workflows and applications to the cloud. In terms of security risks, two-thirds (69%) are concerned with WFH security risks with the majority expressing low user awareness training, insecure home/public Wi-Fi networks, use of at-risk personal devices and sensitive data leakage as prime threat contributors. WFH adds security and compliance challenges In terms of application exposure, respondents feel anxious over file sharing (68%), web apps (47%), and video conferencing (45%) risks. Two-thirds of IT security professionals anticipate malware, phishing, unauthorised user and device accessWhile 78% expressed enforcing the same level of security controls and data management for on premise and remote users, a further 65% allowed access from personal, unmanaged devices. Two-thirds of IT security professionals anticipate malware, phishing, unauthorised user and device access, and unpatched/at risk systems to be the most exploitable WFH attack vectors. In addition, 63% expressed that remote work could impact compliance mandates that apply to their organisation; especially GDRP, PCI-DSS, HIPAA and those with data breach notification. Survey respondents employed various tools to secure remote work / home office scenarios with the top four controls being endpoint security, Firewalls, virtual private networks (SSL-VPN) and multi-factor authentication (MFA). According to separate research by Enterprise Management Associates, 57% of organisations regard the consolidation of access management solutions into a single platform to be a high or extreme priority for their business this year. Wider trends toward security tools consolidation Adoption of WFH has highlighted the need for organisations to embrace more holistic secure access strategy" “The mass adoption of WFH has highlighted the need for organisations to embrace more holistic secure access strategy that supports both flexible working and the growing shift towards hybrid IT. The most effective IT management solutions are platforms that are both modular and integrated,” noted Steve Brasen, research director with Enterprise Management Associates. “Modular solutions allow organisations to adopt the exact feature set they require to meet business needs. However, solutions must also be fully integrated to yield desired management efficiencies. Solutions, such as Pulse Secure Access Suite, address broad secure access needs while yielding operational and economic benefits.” The WFH and tool consolidation trends coincide with a recent update to Pulse Access Suite, a secure access solution set that provides easy access for mobile workforces and a single-pane-of-glass to streamline provisioning, management and scalability. The Suite integrates adaptive identity and device authentication, protected connectivity, extensive visibility and analytics, and threat response for hybrid IT. Organisations can centrally orchestrate Zero Trust policy to ensure compliant access to applications, resources and services across mobile, network and multi-cloud environments.
Pulse Secure, the provider of software-defined Secure Access solutions, announces its Access Suite and SDP solution were recognised in a recently published analyst report, ‘Market Insights: Software Defined Perimeter (SDP)’ for Zero Trust Network Security, 2020. The Software Defined Perimeter market insights report, by Quadrant Knowledge Solutions, presents market definitions, drivers, primary use cases, trends, solution characteristics and architectures, as well as market recommendations and vendor profiles. Advanced network security solution According to the report, “Software Defined Perimeter technology is emerging as an advanced network security solution for today's complex, interconnected world. SDP follows a Zero Trust approach, wherein the default network security posture is that of deny. Access is granted upon authenticating and authorising both user and device.” Advanced SSL-VPNs operate at the application layer and offer Zero Trust functionality" “By pre-authorising users and devices prior to making the application layer access (applications and resources), SDP protects enterprises from a range of attacks. The debate of SDP as a complete replacement over VPN (SSL-VPN), that SSL-VPN is insecure, or SSL-VPN lacking Zero Trust capabilities, is all moot. SSL-VPN is a proven, widely used tool for secure remote access. Advanced SSL-VPNs operate at the application layer and offer Zero Trust functionality.” Secure access solution “Pulse Access Suite with SDP has extensive functional capabilities and greater infrastructure, security and application interoperability that supports, comparatively, a broader and more diverse range of use cases,” said Piyush Dewangan, industry research manager at Quadrant Knowledge Solutions. “The company is distinguished among zero trust, secure access solution vendors, especially for enterprises and service providers operating hybrid IT and multi-cloud environments.” Pulse Secure’s Zero Trust value proposition is realised through its Access Suites that deliver continuous user and device authentication, protected connectivity, extensive visibility and threat response across mobile, network and cloud environments. The integrated Suites offer enterprises easy access for end users and single-pane-of-glass management for administrators. Organisations can centrally orchestrate Zero Trust policy to ensure compliant access to applications, resources and services no matter where they reside; on-premises, in private cloud and public cloud environments. Improving user productivity Pulse SDP, is an add-on to the Suite that extends secure access capabilities Pulse SDP, Software Defined Perimeter, is an add-on to the Suite that extends secure access capabilities by allowing direct, trusted access between a user’s device and the application residing in the cloud or data centre. “The need for Zero Trust network security has never been greater, especially due to increased targeted attacks, rapid work from home mandates, and mounting privacy compliance obligations. We have seen tremendous demand for our Pulse Access Suites as organisations consolidate their secure access tech stack to gain agility, scale and cyber risk mitigation,” said Scott Gordon, chief marketing officer at Pulse Secure. “We are pleased to receive Zero Trust security market distinction and welcome organisations to explore our Access Suite to see how it can cost-effectively improve user productivity and enterprise security posture.” Granular conditional access and enforcement Pulse Secure solution’s Zero Trust approach that is highlighted in the SDP market insights report include: Zero Trust mechanisms - continuous authentication, endpoint posture checking, granular conditional access and enforcement, and simultaneous per application tunnelling Continuous authentication and authorisation of users and devices by leveraging extensive multi-factor authentication (MFA), single sign-on (SSO), granular role-based access control, behaviour analytics, and other secure connection options Unified Pulse Client to ensure native user experience and endpoint compliance for popular OS’s, such as Windows, macOS, Linux, Android and iOS Dual-mode architecture within the platform allowing SDP and VPN functionality to work in parallel to provide zero trust secure access, deployment flexibility, and lower TCO Proprietary Optimal Gateway Selector™ technology to connect authenticated and authorised users to their nearest, available gateway to ensure access responsiveness
Pulse Secure, the provider of software-defined Secure Access solutions, announced a new research report that highlights improving hybrid IT, BYOD, access management and IOT security as the top priorities for UK healthcare organisations. 92% report ‘Unauthorised Data Access and Data Leakage’ has led to impactful incidents within the last 12 months. The Q1-2020 State of UK Healthcare Secure Access report by Pulse Secure surveyed more than 60 senior information security and decision-making executives from healthcare organisations in the UK with 1,000 to over 10,000 employees. Improving access control consistency The research examined overall IT spending strategy, incidents, control gaps, operational capacity and technology tools. The report confirms that UK healthcare industry is investing heavily in a hybrid IT strategy with an overwhelming majority expecting to increase investments by greater than 10% with usage predominately going into private cloud (94%) followed by datacentres (88%). One in four respondents said their organisation faced impact from malware, privileged user and IOT security incidents The continued uplift in cloud adoption and reinvestment in data centre resources has also introduced data breach concerns, as 60% plan to improve access control consistency across hybrid IT environments. While a wide variety of potential secure access exposures were presented to respondents, unauthorised data access, mobile and web exposures, and vulnerable and unsanctioned endpoint device issues plagued UK health institutions. IOT security incidents Correspondingly, one in four respondents said their organisation faced impact from malware, privileged user and IOT security incidents. The majority of midsized UK-based service providers cited significant impact with unauthorised application/resource access and use of unauthorised devices, whereas large institutions (those with 5,000 to 10,000 employees) claimed application unavailability/outage as having the highest impact. UK Healthcare providers are embracing mobile computing to improve medical responsiveness The report states, “Despite knowledge of their high impact incidents and access control gaps, a substantial number of respondents are less than confident, notwithstanding large investments in tools and security initiatives. Healthcare organisations’ ability to ‘orchestrate dynamic access authentication and protection’ is also in question, with 68% of respondents expressing little confidence.” UK Healthcare providers are embracing mobile computing and taking advantage of network- and web-connected devices to improve medical responsiveness, delivery and outcomes for their patients. BYOD access enforcement However, a majority (82%) of survey respondents cited mobile computing exposures and weak device access compliance among their top control gaps. Equally concerning is that 70% had nominal confidence in BYOD access enforcement, and 64% expressed similar confidence with IoT devices. As a result, streamlining BYOD and web-based mobile access and enhancing IoT security were expressed among the top priorities for security professionals in healthcare. The vast majority (96%) of respondents expressed a positive outlook towards tool set consolidation The research also illustrated a complex picture of healthcare organisations trying to plug holes and being reactive to threats or changes in IT infrastructures. While the industry seeks to optimise investments, the survey found that UK healthcare IT security practitioners’ use, on average, at least four related tools within each category of secure access. Standardising integrated platforms The vast majority (96%) of respondents expressed a positive outlook towards tool set consolidation. To this end, over 40% place one or more secure access functions in the hands of managed service providers and plan to increase outsourcing by as much as 7% over the next 18 months. The report states, “With the evolving nature of the sector this is no big surprise with mergers, legacy technologies, modernisation and shifts in working patterns and service provision all thrown into a melting pot of change. Healthcare organisations need to think about tool consolidation and standardising on integrated platforms.” Software Defined Perimeter (SDP) technologies SDP enables trusted access directly between the user and their device to the application and resource Looking at longer term strategy, the report indicates healthy investment to improve access security where the majority (56%) of UK healthcare respondents cited secure access expenditures to rise by 5% to 15% and a third expect spend to increase up to 25%. Of particular note was the interest in Software Defined Perimeter (SDP) technologies, also depicted as Zero Trust Network Access. SDP enables trusted access directly between the user and their device to the application and resource. Like perimeter-based VPN technology, SDP invokes user, device and security state authentication controls before and during an authorised, protected connection. 62% of healthcare security decision makers anticipate an SDP project or pilot within the next 18 months. Security infrastructure consolidation Commenting on the report, Scott Gordon, chief marketing officer for Pulse Secure said, “The findings indicated that while workforce mobility, cloud and IoT security still threaten data privacy and service availability obligations for UK healthcare, these institutions appear to be making appropriate upcoming priorities and investments to reduce secure access risks.” “The report data suggests that hybrid IT adoption and security infrastructure consolidation in the UK healthcare segment is likely over the next few years as new approaches such as Zero Trust Network Access can serve to protect patient care advancements.”
As 72% of organisations plan to implement Zero Trust capabilities in 2020 to mitigate growing cyber risk, nearly half (47%) of cyber security professionals lack confidence applying a Zero Trust model to their Secure Access architecture, according to the 2020 Zero Trust Progress Report released by Cybersecurity Insiders and Pulse Secure, globally renowned provider of software-defined Secure Access solutions. 2020 Zero Trust Progress report The 2020 Zero Trust Progress report surveyed more than 400 cyber security decision makers to share how enterprises are implementing Zero Trust security in their organisation and reveal key drivers, adoption, technologies, investments and benefits. The report found that Zero Trust access is moving beyond concept to implementation in 2020, but there is a striking confidence divide among cybersecurity professionals in applying Zero Trust principles. Cyberattacks and enormity of data breaches in 2019 has challenged the veracity of secure access defenses" “The sheer volume of cyberattacks and enormity of data breaches in 2019 has challenged the veracity of secure access defenses, even in well-funded organisations,” said Scott Gordon, chief marketing officer at Pulse Secure. “Zero Trust holds the promise of vastly enhanced usability, data protection and governance. However, there is a healthy degree of confusion among cyber security professionals about where and how to implement Zero Trust controls in hybrid IT environment – which is clearly reflected in respondents’ split confidence levels.” Data protection Of the organisations building out Zero Trust capabilities in 2020, data protection, trust earned through entity verification, and continuous authentication and authorisation were cited as the most compelling tenets of Zero Trust. The report also discovered nearly one-third of organisations (30%) are seeking to simplify secure access delivery, including enhancing user experience and optimising administration and provisioning. Additionally, 53% of respondents plan to move Zero Trust access capabilities to a hybrid IT deployment. Vulnerable mobile and at-risk devices, BYOD and IoT trend More than 40% of survey respondents expressed that vulnerable mobile and at-risk device, insecure partner access, cyber-attacks, over privileged employees, and shadow IT risks are top challenges to secure access to applications and resources. “Digital transformation is ushering in an increase in malware attacks, IoT exposures and data breaches, and this is because it’s easier to phish users on mobile devices and take advantage of poorly maintained Internet-connected devices. As a result, orchestrating endpoint visibility, authentication and security enforcement controls are paramount to achieve a Zero Trust posture,” said Gordon. While 45% are concerned with public cloud application access security and 43% of respondents expressed Bring Your Own Device (BYOD) enablement issues, more than 70% of organisations are looking to advance their identity and access management capabilities. Secure Access for Hybrid IT models Secure Access starts with appropriate and well-maintained user provisioning but requires entity authentication" “Secure Access starts with appropriate and well-maintained user provisioning but requires entity authentication and compliance checks to invoke conditional access – regardless if a user is remote or on a corporate network, if the device is personal or corporate-owned, or if the application is internal or in the cloud,” said Gordon. Workforce mobility and hybrid IT models have placed most workloads beyond the shelter of corporate networks and traditional perimeter defense – which creates significant user access and data concerns. The 2020 Zero Trust Progress Report revealed nearly a third of cybersecurity professionals expressed value in applying Zero Trust to address hybrid IT security issues. Re-evaluating secure access infrastructure “Organisations at all stages of cloud adoption should re-evaluate their access security posture and data privacy requirements as they move applications and resources from on-premises to public and private cloud environments. Applying a Zero Trust model that aligns to hybrid IT migration can allow organizations to realise utility computing economies while creating a non-disruptive way to implement Zero Trust Network Access (ZTNA) functionality when, where and how they require,” said Gordon. The report highlighted that a quarter of organisations seek to augment their current secure access infrastructure with Software Defined Perimeter (SDP) technology (aka Zero Trust Network Access - ZTNA). “Organisations interested in exploring ZTNA should seek a solution that works in parallel with a perimeter-based VPN to gain essential operational flexibility for enterprises and service providers supporting data center and multi-cloud environments,” said Gordon. Hybrid IT deployment Of the respondents considering SDP, a majority (53%) would require a hybrid IT deployment and quarter (25%) would adopt a SaaS (Software-as-a-Service) implementation. “Some organisations are hesitant to implement Zero Trust as SaaS because they might have legacy applications that will either delay, or prevent, cloud deployment. Others might have greater data protection obligations, where they are averse to having controls and other sensitive information leaving their premises, or they have a material investment in their datacenter infrastructure that meets their needs,” said Holger Schulze, founder and CEO of Cybersecurity Insiders.
Pulse Secure, the provider of software-defined Secure Access solutions, announces that it has published its ‘2019 State of Enterprise Secure Access’ report. The findings quantify threats, gaps and investment as organisations face increasing hybrid IT access challenges. The survey of large enterprises in the US, UK and DACH uncovers business risk and impact resulting in a pivot towards extending Zero Trust capabilities to enable productivity and stem exposures to multi-cloud resources, applications and sensitive data. Audit access security The survey data showed all enterprises have ongoing data center dependencies While enterprises are taking advantage of cloud computing, the survey data showed all enterprises have ongoing data center dependencies. One fifth of respondents anticipate lowering their data center investment, while more than 40% indicated a material increase in private and public cloud investment. According to the report, the shift in how organisations deliver Hybrid IT services to enable digital transformation must also take into consideration empowering a mobile workforce, supporting consumer and IoT devices in the workplace and meeting data privacy compliance obligations – all make for a challenging environment to ensure, monitor and audit access security. Empower corporate leadership “What was consistent across enterprise sizes, sectors, or location was that secure access for hybrid IT is a current and growing concern with cyberthreats, requirements and issues emerging from many sources. The reporting findings and insights should empower corporate leadership and IT security professionals to re-think how their organisations are protecting resources and sensitive data as they migrate to the cloud,” said Martin Veitch, editorial director at IDG Connect. IDG Connect and Pulse Secure will share research findings in a webcast entitled ‘State of Enterprise Secure Access – Issues, Initiatives and Tech,’ on June 13 at 7 a.m. PT / 10 a.m. ET / 2 p.m. GMT. Authorisation access controls 61% of respondents indicated modest confidence in their security processes The survey found the most impactful incidents were contributed by a lack of user and device access visibility and lax endpoint, authentication and authorisation access controls. Over the last 18 months, half of all companies dealt with malware, unauthorised/vulnerable endpoint use and mobile or web apps exposures. Nearly half experienced unauthorised access to data and resources due to insecure endpoints and privileged users, as well as unauthorised application access due to poor authentication or encryption controls. While a third expressed significant confidence, 61% of respondents indicated modest confidence in their security processes, human resources, intelligence and tools to mitigate access security threats. Device configuration compliance The survey revealed the top access threat mitigation deficiencies: Defining app, data and resource access and protection requirements Defining, implementing and enforcing user and device access policy Provisioning, monitoring and enforcing BYOD and IoT device access When survey participants were asked what they perceive as their largest operational gaps for access security, the majority identified hybrid IT application availability; user, device and mobile discovery and exposures; weak device configuration compliance; and inconsistent or incomplete enforcement. Correspondingly, the participants stated that their organisations are stepping up their access security initiatives: 48% improving endpoint security, remediation prior to access 46% enhancing IoT discovery, isolation and access control 44% fortifying network and cloud access visibility and resource segmentation Software defined perimeter Larger companies have about 30% more tools than smaller enterprises The cited incidents, threat mitigation deficiencies and operational gaps are among reasons for the interest in a Zero Trust approach for access security. A Zero Trust model authenticates, authorises and verifies users, devices, applications and resources no matter where they reside. It encompasses proving identity, device and security state before and during a transaction; applying a least privilege access closest to the entities, applications and data; and extending intelligence to allow policies to adapt to changing requirements and conditions. Adding to management complexity, the report also found that organisations employ three or more secure access tools per each of 13 solutions presented in the survey. Larger companies have about 30% more tools than smaller enterprises. Correspondingly, nearly half of respondents were open to exploring the benefits of consolidating their security tools into suites. With the migration to cloud, one tool of interest cited by respondents as being implemented or planned over the next 18 months is Software Defined Perimeter (SDP). Secure access tool 91% of enterprises plan to increase secure access expenditure over the next 18 months; 30% anticipate an increase spend between 15% to 25% 44% of enterprises use data center in conjunction with public cloud, 30% in conjunction with private cloud, and 26% utilise all three delivery environments 46% of large enterprises prefer data center and private cloud; primarily preferred by financial services and U.K.-based companies 49% or more cited significant access incidents due to malware, unauthorised and vulnerable endpoint use and mobile and web app exposures - healthcare organisations experienced greater mobile and web app exposures 81% expressed gaps in hybrid IT application availability - financial services experienced the most business impact related to application availability 78% indicated need for greater visibility of users, endpoints and mobile devices; more evident in large enterprises and those in the DACH region 42% will focus on refining privileged user or service account-based access – a top priority in financial services and manufacturing 48% stated a willingness to explore secure access tool consolidation into suites 56% stated a project or pilot of Software Defined Perimeter technology over the next 18 months Over 38% of respondents outsource secure access capabilities to Managed Security Service Providers (MSSPs) with additional MSSP usage to grow 10% by 2021 Secure access priorities We are pleased to sponsor the 2019 State of Enterprise Secure Access Report" The independent research for the report, which offers key insights into the current access security landscape and the maturity of defences, was conducted by IDG Connect. Survey respondents included more than 300 information security decision makers in enterprises with more than 1,000 employees across U.S., U.K. and DACH regions, and covered key verticals including financial services, healthcare, manufacturing and services. “We are pleased to sponsor the 2019 State of Enterprise Secure Access Report. The independent research provides a useful litmus test for the level of exposure, controls and investment regarding hybrid IT access,” said Scott Gordon, chief marketing officer at Pulse Secure. “The key takeaway from this report is hybrid IT delivery has expanded security risks and necessitates more stringent access requirements. As such, organisations should re-assess their secure access priorities, capabilities and technology as part of their Zero Trust strategy.”
Pulse Secure, global provider of secure access solutions to both enterprises and service providers, has been recognised as a technology leader and among the top three performers in Network Access Control (NAC) according to research by Quadrant Knowledge Solutions. The NAC market, estimated at nearly $1.3 billion and growing by 27.6 percent per year, is driven by workforce mobility and Bring Your Own Device (BYOD), global regulations, automated threat response and Internet of Things (IoT) security risks. 2019 NAC Market Outlook According to the '2019 NAC Market Outlook' report by Quadrant Knowledge Solutions, NAC manages and controls access of devices and users to corporate networks based on policies, including endpoint configuration, authentication and user’s identity. NAC technologies have evolved significantly from device access authorisation, BYOD and guest management functions to more granular endpoint visibility, access and security capabilities that support robust policies driven by mobility, cloud and virtualisation trends. Modern NAC technology includes functionality to support granular network segmentation, user behavior monitoring, enhanced visibility, and security automation and orchestration capability for automated threat detection and response. The published report provides an overview of the market including NAC capabilities, technology, drivers, adoption trends and competitive insights. IoT proliferation IoT proliferation and the convergence of IT/OT networks is expanding the enterprise attack surface"“IoT proliferation and the convergence of IT/OT networks is expanding the enterprise attack surface. With endpoint, BYOD and IoT security risks, organisations are taking advantage of the operational visibility and threat mitigation capabilities of next generation NAC solutions,” said Piyush Dewangan, industry research manager at Quadrant Knowledge Solutions. “Pulse Secure has received strong ratings for its sophisticated technology platform, competitive differentiation, scalability, technology vision and overall customer impact.” The report cites that Cisco, ForeScout Technologies, and Pulse Secure are the top performers and technology leaders in the global NAC market. These companies provide comprehensive NAC solutions targeting large enterprise organisations, improving their network visibility and granular policy implementation. Pulse Policy Secure Among the capabilities highlighted in the report that earned Pulse Policy Secure (NAC) a technical leadership ranking, the most distinguished are: Integrated visibility, BYOD and IoT security and Zero Trust enforcement capabilities Easy path to NAC, starting with rich network device profiling, inventory and guest management Dynamic identification, classification, monitoring and reporting of managed and unmanaged endpoint and IoT devices Agent and agentless options for pre- and post-admission control, supporting an existing 802.1x supplicant/agent, or by employing agentless multi-factor device discovery and verification Automated or self-service provisioning of guest, BYOD and IoT devices Advanced User Enhanced Behavior Analytics (UEBA) further detects anomalous user, endpoint and IoT device activity Integration with leading networking and security tools, and automated threat response Data center or cloud administration of multiple distributed PPS appliances; each appliance can control up to 50,000 devices to scale to over a million devices per network Integration with leading networking and security tools, and automated threat response Common NAC/VPN Client, policy engine and system management for streamlined deployment, unified visibility and consistent access control for data center and hybrid IT Expanding enterprise NAC platform Pulse Secure continues to experience growth in its enterprise NAC platform with sales through partners to existing customers" “Pulse Secure continues to experience growth in its enterprise NAC platform with sales through partners to existing customers, as well as to organisations investing in first-time NAC deployments and those replacing their current solutions,” said Scott Gordon, vice president of marketing at Pulse Secure. “With our unique means to offer a simple, unified NAC and VPN solution, we allow enterprises to gain essential intelligence, compliance and protection for remote, cloud and data center access. We are honoured to receive this NAC market distinction as technology leader.” The 'NAC Market Outlook' report earmarks that the global NAC market is expected to increase significantly in the next five to six years. NAC is increasingly becoming mature and accepted as a key technology to improve an organisation's overall security defenses. Both large and mid-sized organisations are looking at full-scale deployments and extending NAC security to a greater number of devices and endpoints. Adopting security technologies Traditionally, the adoption of security technologies is primarily driven by compliance to broader global regulations. In the global market, banking & financial services, education, government and healthcare sectors are the primary users of NAC solutions. However, organisations from several industry verticals are increasingly focusing on improving their security measures to enhance overall security. IT/OT convergence has resulted in increased exposure to cyberthreats to the industrial environment, and NAC vendors are expanding their capabilities to support IT/OT convergence.
Pulse Secure, global provider of Secure Access solutions to both enterprises and service providers, has announced the launch of new packaging of its award-winning Pulse Access Suite for Managed Security Service Providers (MSSPs). The solution offers service providers an accelerated, cost-effective means to differentiate and build out their service portfolio to meet the massive demand for protected connectivity to cloud applications and hybrid IT resources. Pulse Secure Pulse Secure offers a comprehensive, integrated and highly interoperable set of Secure Access solutions spanning remote, mobile and cloud access security; network visibility and access control; and application delivery. The suite allows service providers to extend lucrative access protection, endpoint compliance, threat response and availability services for the data center, hosted in the cloud or running as SaaS. The service provider packaging optimises capital expenditure through an on-demand, pay-per-use model. MSSPs can spin up or spin down virtual Secure Access instances and licenses at a cost based on the number of concurrent monthly users. On-demand provisioning and tiered, user-based pricing gives service providers needed flexibility for customer onboarding, growth spurts and business downturns. Managed Security Services (MSS) The Managed Security Services (MSS) market 'constitutes approximately 60 percent of the overall security outsourcing market' According to a recent Gartner report1, the Managed Security Services (MSS) market 'constitutes approximately 60 percent of the overall security outsourcing market , generating $18.7 billion in revenue in 2017 and growing at a CAGR of 11 percent through 2021. It is important to view MSS in the context of broader security outsourcing, because large enterprises are increasingly looking for hybrid engagements that include a mix of shared and dedicated service delivery components.' Key market trends in that report include: Moving beyond monitoring of only network-based security technologies, particularly the network perimeter, with increasing focus on the endpoint (e.g. managed EDR services) Increasing movement toward more customised outcomes for buyers Buyer demand for capabilities to monitor popular SaaS applications, and public cloud service providers and IaaS Enterprise Mobile Management (EMM) and Network Access Control (NAC) As enterprises are seeking more complete offerings from fewer managed security service providers, MSSPs in turn are seeking to expand service scope while reducing business risk and operational complexity. In comparison to working with point solutions that are limited due to custom integration, disparate management and licensing constraints, Pulse Secure uniquely offers MSSPs integrated Virtual Private Network (VPN), Enterprise Mobile Management (EMM), Network Access Control (NAC) and virtual Application Delivery Controller (ADC) solutions within a unified management framework for data center and hybrid IT implementation. Pulse Secure Access Suite for MSSPs MSSP packaging, including user-based licensing, will be available to authorised channel partners at the end of November through Pulse Secure’s global distributors MSSP packaging, including user-based licensing, will be available to authorised channel partners at the end of November through Pulse Secure’s global distributors. The Pulse Secure Access Suite for MSSPs’ list price starts at $6 USD MSRP per concurrent user per month for the first 500 users with higher discounts available for larger user counts. The solution includes a multi-tenant, centralised management system and licensing server that gives MSSPs operational oversight while also providing clients with dashboard visibility. The solution includes virtual appliance form factors for VMware, KVM and Hyper-V, and supports deployment in hosted cloud environments such as Microsoft Azure and Amazon AWS. “Ensuring secure access is more challenging than ever given the dynamics of cyber threats, IT consumerisation and software-defined data centers. Enterprises of all sizes are overwhelmed and increasingly looking to MSSPs for expertise and capacity,” said Scott Gordon, chief marketing officer at Pulse Secure. “Pulse Secure gives MSSP leaders an easy, proven and no-risk path to extend services and increase revenues for hybrid IT secure access. More importantly, our new MSSP packaging enables our service provider partners and their customers to deliver ubiquitous access productivity while ensuring compliance.” Managed Access Services “Pulse Secure has been a key vendor for our managed access services. In my team’s experience, Pulse is the only one that has reliably delivered as-advertised stability, performance and manageability, as well as new feature sets that satisfy our highly demanding clients,” said Nicholas Klein, SOC supervisor at GTT Managed Secure Access Group. “With Pulse Secure, our services are backed by a rock-solid, flexible platform paired with a responsive support team, allowing us to focus on the value-add aspects of our managed service for our customers.” “As business, government and educational institutions are building out their cloud-enabled infrastructure, enterprises must consider how to enforce appropriate resource and data access while delivering high usability for their users. indevis offers enterprises the benefit of expertise, resources, and experience to design and implement an integrated data center and cloud access strategy,” said Wolfgang Kurz, founder and CTO at indevis. “We believe Pulse Secure offers a breadth of Secure Access capabilities and interoperability that give our customers greater freedom to optimize and defend their mobile and cloud computing initiatives. We appreciate the operational and licensing advantages that the Pulse Secure packaging provides our customers and us.” Internet of Enterprises Orange Business Services is a leader in the Internet of Enterprises, the emerging digital business ecosystem powered by data" “Orange Business Services is a leader in the Internet of Enterprises, the emerging digital business ecosystem powered by data. We are at the core of our customers’ data journey,” said Nicolas Drogou, head of Orange Cyberdefense APAC. “Ensuring the security of the data and its journey end to end is paramount to us being the trusted partner for their Digital Transformation. Pulse Secure is a cornerstone solution within our managed security services suite. The features and scalability of its Secure Access suite enable us to tackle the complex Secure Access challenges that organizations face in an increasingly volatile threat landscape.” “RKON’s customers are building out significant mobile and cloud investments where potential exposure to cyberattacks, compliance and visibility gaps are top of mind,” said Jeff Mullarkey, CEO of RKON, a leading-edge MSSP based in Chicago. He further added, “Ensuring always-on and protected access to resources is foundational to their businesses. We support enterprises across all verticals with a specific emphasis in the mergers and acquisitions space. Our Managed Secure Access practice leverages the Pulse Secure platform's reliability and broad capabilities.”
Pulse Secure, global provider of enterprise Secure Access solutions has announced the release of Pulse Policy Secure 9.0 to enable organisations an easier, flexible and VPN-integrated path to next-generation Network Access Control (NAC). The latest release incorporates more than 36 new features and enhancements; advancing visibility, usability, endpoint and IoT security, and threat response capabilities. As a result, enterprises can strengthen their security posture and mitigate malware, data breaches and compliance risks. “With growing attacks, BYOD and data privacy issues, enterprises must get a handle on users, endpoints and IoT devices accessing their network resources,” said Tony Massimini, senior industry analyst at Frost & Sullivan. “Pulse Secure is distinguished by offering the benefits of both pure-play and infrastructure NAC providers. Unlike infrastructure NAC, Pulse Secure is integrated and works with popular switches, wireless, and security infrastructure to facilitate deployment and threat response. Unlike pure-play NAC offerings, Pulse Secure offers VPN and NAC solutions that amalgamate mobile, cloud and network oversight. The combination delivers enterprise value for user, endpoint and IoT visibility, as well as threat response.” Pulse Policy Secure Pulse Policy Secure (PPS) is an enterprise-class NAC solution that delivers network visibility, “comply to connect” policy enforcement and security orchestration Pulse Policy Secure (PPS) is an enterprise-class NAC solution that delivers network visibility, “comply to connect” policy enforcement and security orchestration with popular switch, wireless controller, NGFW, SIEM, EMM and endpoint security solutions. PPS tackles the challenges of securing corporate networks, which are being redefined by Hybrid IT, mobile devices and IoT. Frost & Sullivan predicts that IoT connections will reach 45.4 billion by 2023. IoT brings new exposures as mobile, wearables, medical and other IP-enabled devices are introduced to the corporate network. Policy Secure 9.0 boosts compliance enforcement with broader endpoint discovery mechanisms, vulnerability assessment to prevent malware attacks such as WannaCry, as well as OS and patch management verification to safeguard Windows and macOS devices. Beyond supporting TACACS+ for role-based network device support, the release also streamlines user experience by incorporating host checking caching, directory, authentication and firewall integration techniques to reduce login prompts, authorisation and device compliance time. Pule Profiler and Secure 9.0 Pulse Profiler, sold separately or integrated within PPS, automatically identifies managed and unmanaged devices Pulse Profiler, sold separately or integrated within PPS, automatically identifies managed and unmanaged devices (e.g. printers, VOIP phones, cameras) that are connecting to the corporate network. The system dynamically monitors for device profile and security state changes. The new version further extends IoT device discovery, classification and management features with added means to ascertain new and custom IoT devices, and to apply policy for conditional access. Policy Secure 9.0 further enables threat response orchestration. PPS can share identity and endpoint information with popular network and security infrastructure, as well as receive network policy enforcement requests from external solutions. The release extends integration with Palo Alto Networks, Checkpoint, Juniper and Fortinet firewalls to enrich their operational context, as well as to allow the firewall to invoke NAC endpoint network segregation or blocking. IoT Security and threat mitigation Organisations understand NAC advantages for visibility, IoT security and threat mitigation" "Organisations understand NAC advantages for visibility, IoT security and threat mitigation, but perceive the technology to be cumbersome. The latest release of Pulse Secure NAC continues to advance our deployment, usability and integration capabilities while delivering enterprise-class functionality,” said Scott Gordon, chief marketing officer at Pulse Secure. “With our unique means to offer a simple, unified NAC and VPN solution, we allow enterprises to gain essential intelligence, compliance and protection for remote, cloud and data center access.” Pulse Secure offers organisations an easy, flexible and scalable path to next generation NAC: Start with the Pulse Profiler for dynamic endpoint and IoT device visibility, assessment, inventory and monitoring Deploy Pulse Policy Secure for automated guest management, mobile on-boarding, endpoint remediation, network enforcement and threat response Streamline implementation with wizard templates and the means to phase in access enforcement, network coverage, and core integrations Scale cost-effectively with the PPS appliance, which includes a high-performance RADIUS server supporting up to 50,000 concurrent devices Centrally manage appliances and over a million endpoints though the Pulse One console Simplify and expedite NAC deployment for Pulse Secure VPN customers by leveraging the same user client, policy framework and centralised management console Network Access Control solutions The evolution of Network Access Control solutions is critical to the security industry" "We are seeing more IoT deployments especially within our larger clients in healthcare and manufacturing and we welcome the enhancements to Pulse Policy Secure that help to discover and protect a wider array of devices,” said David Hood, MD of ANSecurity, “The evolution of Network Access Control solutions is critical to the security industry and deeper support for next generation firewalls and other security platforms offered by the new 9.0 release will go a long way towards helping organisations to simplify security in what is an increasingly complex infrastructure landscape.”
Pulse Secure, the leader in secure access solutions for people, devices, things and services, announced Scott Gordon joining the company’s executive team as Chief Marketing Officer, building upon Pulse Secure’s customer success, product innovation and sustained growth. “We are singularly focused on improving the productivity of our customers, and with our focus on secure access solutions, we are enjoying strong business growth and attracting new high caliber customers, partners and talent,” said Sudhakar Ramakrishna, CEO of Pulse Secure. “We welcome Scott’s leadership, experience and drive to our executive team as we continue to develop the company and elevate our global presence.” Scott Gordon to expand Pulse Secure's global market strategy In this role, Gordon will be responsible for expanding the company’s global go-to-market strategy, branding, channel and sales enablement. Gordon brings more than 20 years of industry experience and accomplishments in global tech marketing to Pulse Secure, having consistently delivered strategies, results and teams that have accelerated many well-known cyber security brands. Previously, he was CMO at digital threat management vendor, RiskIQ. Prior to that, he was CMO at the network access control vendor, ForeScout Technologies (FSCT). He has also held executive and management roles at AccelOps (acquired by Fortinet), Protego (acquired by Cisco), Axent (acquired by Symantec) and McAfee. Pulse secure advances its secure access portfolio Pulse Secure continues to advance its secure access portfolio, which enables business to gain ubiquitous, seamless and compliant access between users, devices, applications and services across network, web, mobile, cloud and data center environments. Correspondingly, customers have expressed their appreciation for the company’s product benefits and dedicated support with record-setting NetPromoter scores. Among other accomplishments, the company has successfully transitioned users of the Virtual Application Delivery Controller (vADC) product family, from Brocade Communications Systems to Pulse Secure. “The pace of enterprise investments to ensure digital transformation and enhanced user experience requires unfettered, dependable, and appropriate resource access,” said Scott Gordon, CMO of Pulse Secure. “Pulse Secure is in an exceptional position to extend its market position via a proven platform, flexible solution set, and compelling vision. I am excited to join the team and contribute to the company’s success.”