VPN

Zscaler Announces New Study to Examine Hidden Vulnerabilities Found in Enterprise VPNs

Zscaler, Inc. (NASDAQ: ZS), the pioneer in cloud security, today announced another examination that analyzes hidden vulnerabilities found in big business virtual private organizations (VPNs) and spotlights the requirement for a zero-trust security way to deal with alleviate dangers. Distributed as a team with the Cybersecurity Insiders, the report incorporates discoveries from a worldwide study of in excess of 350 cybersecurity experts on the present status of far off access conditions, the ascent in VPN vulnerabilities, and the job zero-trust security models play in giving admittance to big business applications. To download the full examination, see the Zscaler 2021 VPN Risk Report.

Throughout the previous thirty years, VPNs have been conveyed to furnish far off clients with admittance to assets on corporate organizations. Notwithstanding, the expanded interest for distant work arrangements, a move to the cloud, and progressions in advanced change have revealed expanded inconsistency among VPNs and genuine zero-trust security designs. These inconsistencies, generally because of VPNs natural requirement for admittance to the organization, and should be presented to the Internet, have expanded the venture assault surface permitting danger entertainers to misuse these heritage models dependent on their innate trust of clients.

The 2021 Zscaler VPN Risk Report features the current VPN utilization by endeavors and uncovered the rundown of top difficulties looked by IT overseers who oversee VPNs. It suggests security options that exist for organization and security pioneers needing to give quick, consistent and secure admittance to business applications without bargaining their current zero trust security methodologies, and incorporates information that gives a brief look into the job that zero trust will play later on for far off access. The review discoveries show:

• 93 percent of companies surveyed have deployed VPN services, despite 94% of those surveyed admitting that they are aware that cybercriminals are exploiting VPNs to access network resources.
• Respondents indicated that social engineering (75%), ransomware (74%), and malware (60%) are the most concerning attack vectors and are often used to exploit users accessing VPNs.
• With nearly three out of four businesses concerned with VPN security, 67% of organizations are considering remote access alternatives to the traditional VPN.
• As a result of growing VPN security risks, 72% of companies are prioritizing the adoption of a zero-trust security model, while 59% have accelerated their efforts due to the focus on remote work.
• Looking at the future need for zero trust services, the report states that 77% of respondents indicated that their workforce will be hybrid, with greater flexibility for users to work remotely or in the office.

“It’s encouraging to see that enterprises understand that zero-trust architectures present one of the most effective ways of providing secure access to business resources,” said Chris Hines, Director, Zero Trust Solutions, Zscaler. “As organizations continue on their journey to cloud and look to support a new hybrid workforce, they should rethink their security strategy and evaluate the rising cybersecurity threats that are actively exploiting legacy remote access solutions, like VPN. The more secure approach is to completely leave network access out of the equation by taking the users securely and directly to the applications by brokering all user to app connections using a cloud-delivered zero trust access service instead.”

About Zscaler

Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SASE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.

Spotlight

Spotlight

Related News

Virtual Server Management

EMA and Auvik Research Reveals Hybrid and Remote Work Has Increased Workloads, Posed Challenges to Remote Network Experiences

Business Wire | September 28, 2023

New research by Enterprise Management Associates (EMA) and Auvik, an award-winning provider of cloud-based network management software, revealed that the ongoing shift to hybrid and remote work environments has resulted in key changes to the roles and priorities of network administrators in order to address new connectivity challenges and prioritize and preserve a secure, productive end-user experience. The report examined the remote and hybrid work paradigm through the lens of network operations teams – 73% of which reported an increase in workloads, either slightly or significantly, following the shift from traditional to hybrid work environments. Results from the report demonstrated that the top challenges associated with the remote work experience are poor home Wi-Fi setups, distance from applications, and poor ISP quality. To combat these obstacles, 72% of surveyed organizations have deployed network hardware to the homes of remote workers, including network security devices (62.7%) and Wi-Fi access points (54.1%). Additionally, 90% of organizations with hybrid workers shared that they had to upgrade Wi-Fi networks to address increased office mobility requirements. “These results reinforce that although people are beginning to return to the office, hybrid work is here to stay and is resulting in significant changes for network administrators,” said Alex Hoff, co-founder and Chief Strategy Officer for Auvik. “Although IT teams no longer own all the assets utilized daily by employees, they are still responsible for these operations. And despite not being able to directly exert control over employees’ home networks, they can have visibility over these environments with network monitoring tools. Implementing network visibility software helps IT professionals overcome these new obstacles by providing the ability to maintain visibility and control amid changing work circumstances. The data provided in this report reinforces Auvik’s place in the market and demonstrates that our recent acquisitions, integrations, and expanded product offerings that were designed to help IT teams adapt to these new norms are well-suited for the challenges that are being identified within the industry.” Additional findings from the report include Nearly 49% of network operations teams started working with a new tool vendor to help them manage the network experience of remote workers. 76% of organizations need to unify how they manage network access policies across on-premises networks and remote users. Remote desktop access tools (deployed by 81% of companies) remain the go-to solution for troubleshooting remote users’ problems, but endpoint monitoring tools are increasingly popular (79%). Although 87% have allocated funds in their budget to update network operation tools for remote and hybrid user support, only 32% of organizations shared that they have been successful in doing so. The top issues employees most often report when they are working from home are VPN access issues, followed by performance issues with SaaS applications. “96% of IT organizations said they are supporting hybrid workers, and 30% of all employees who work remotely are hybrid workers,” said Shamus McGillicuddy, VP of Research, EMA. “With employees working both at home and in the office, it is important to have the assets and software necessary to support them in both locations. This means enterprises must invest in more secure remote access solutions that offer integrated network security automation, centralized management, and network optimization or network enhancement, as well as network observability tools that are able to monitor performance across disparate locations.” Methodology Auvik commissioned an independent research firm to survey 354 IT professionals directly involved in supporting the networking requirements of employees who work from home. About Auvik Auvik’s mission is to simplify how IT teams work and live by providing cloud-based IT monitoring and management with simplicity and speed. It lets IT professionals visualize IT infrastructure, SaaS applications, and shadow IT in minutes. As a result teams can identify and resolve issues in seconds, saving valuable time. Auvik is one of the fastest-growing North American technology companies, and is winner of the Deloitte Technology Fast 50 and Deloitte Fast 500. Visit www.auvik.com for more details. Auvik is a registered trademark of Auvik Networks Inc. About EMA Founded in 1996, EMA is a leading industry analyst firm that specializes in providing deep insight across the full spectrum of IT and data management technologies. EMA analysts leverage a unique combination of practical experience, insight into industry best practices, and in-depth knowledge of current and planned vendor solutions to help their clients achieve their goals.

Read More

Backup and Disaster Recovery

Pure Storage Simplifies Data Resilience and Enables an Enhanced Service Operations Experience For Enterprises Everywhere

PR Newswire | October 12, 2023

Pure Storage® the IT pioneer that delivers the world's most advanced data storage technology and services, announced critical new data resilience offerings, including the introduction of Pure Protect™//DRaaS, a unique Disaster Recovery as a Service (DRaaS) solution, new energy efficiency guarantees for its Evergreen® portfolio, and scalable AI-powered storage services via its Pure1® management platform to global enterprises. With the introduction of consumption-based disaster recovery via Pure Protect, a unique data resilience scoring system via Pure1, and updates to Evergreen subscriptions that include a new Paid Power and Rack commitment, Pure Storage enables enterprises to adopt a complete, end-to-end storage strategy that assures data resilience, reduces labor costs, accelerates sustainability initiatives, and delivers unrivaled TCO benefits. Industry Significance The rate of devastating ransomware attacks and the increasing frequency of natural disasters are upending business continuity more often each day. While many organizations recognize the importance of a disaster recovery (DR) plan, current DR solutions on the market are complex, expensive, and disruptive. Likewise, the current energy crisis, new environmental regulations, and ethical imperatives to improve corporate sustainability have led companies to set ambitious net-zero goals, but reckoning with the typical data center's power demands has remained challenging. And with digitization at scale and data proliferation and fragmentation, end-to-end operations management further aggravates the skill and budget shortages for IT. Today's introduction of Pure Protect //DRaaS and updates to the Pure Storage Evergreen portfolio not only address these critical industry pain points, but also set new milestones for customer-centricity with compelling guarantees. News Highlights Assured Data Resilience: Pure Storage enables enterprises everywhere to maximize data protection with a complete, multi-layered data resilience strategy built from the ground up. With intrinsic data protection built into its Evergreen architecture via ActiveDR™, ActiveCluster™, and SafeMode™ Snapshot capabilities, Pure Storage has now expanded data resilience with new trusted operations capabilities and a new disaster recovery service: Pure Protect //DRaaS, a new consumption-based Disaster Recovery as-a-Service solution, drastically reduces complexity, cost, recovery time, and business disruption in the wake of disasters and cyber disruptions. Organizations now have clean environments with multiple restore points to recover clean copies of their on-premises vSphere data, to native AWS EC2, no matter what underlying storage infrastructure it is, while ensuring data centers remain isolated for investigation. Data Resilience Score, within the Pure1 Data Protection Assessment, underscores Pure Storage's trusted operations by providing better transparency in the adoption of Pure Storage and industry-leading data protection and backup partner technologies, while offering the ability to assess entire fleet configurations against leading practices. Zero Data Loss Guarantee, across the Evergreen portfolio, provides peace of mind that customers data will not be lost due to Pure Storage hardware or software issues. In the rare case of any data corruption, Pure Storage assures data protection with advanced data recovery services for any hardware or software product-related incidents, at no cost. Enhanced Service Experience, Everywhere: With Pure Storage's AI-powered asset and lifecycle management services and policy-based automation, customers can achieve operational excellence, anywhere and on any scale. Asset Management and Genealogy allows customers and Pure Storage to jointly optimize Labor costs to run and operate storage. Customers get full transparency to manage Evergreen assets, contracts, subscriptions, and lifecycle, and get visibility into capacity, energy, and rack space usage. Customers can also view how each asset or subscription has evolved over time, including software updates, ramps, expansions, and renewals, and gain insight into upcoming lifecycle events such as EOL, upgrades, or contract expiration. Subscription Lifecycle Operations: Customers now benefit from a subscription viewer to understand when subscriptions require attention and renewal, predictive tracking of capacity utilization with actionable alerts to optimize reserve commit vs on-demand consumption, and new SLA indicators to track how well Pure Storage is meeting performance and efficiency SLAs. Customers can plan for future demand, trigger in-app workflows to request quotes, or use the new Pure1 Marketplace for a simplified subscription shopping experience. Partners can take advantage of these capabilities via APIs and early notifications of lifecycle events (EOL, renewal) to deliver seamless procurement experiences to joint customers. Policy-driven Upgrades take the guesswork out of choosing the right Purity release and simplify fleet management. They help customers strike the right balance between frequent upgrades and maintaining a secure and supported storage environment based on their organization's goals. Pure1 Mobile App enables customers to get insights and alerts even on the go as well as manage cases and get the latest information and news from Pure anywhere in the world. Guaranteed Energy Efficiency While Saving Money: With the only Paid Power and Rack Space commitment in the enterprise Storage as-a-Service market, and unique energy, density, and upgrade guarantees, Pure Storage is not only committed to providing the most sustainable storage solutions in the industry, but is also determined to make being green easier and more affordable for global customers. About Pure Storage Pure Storage uncomplicates data storage, forever. Pure delivers a cloud experience that empowers every organization to get the most from their data while reducing the complexity and expense of managing the infrastructure behind it. Pure's commitment to providing true storage as-a-service gives customers the agility to meet changing data needs at speed and scale, whether they are deploying traditional workloads, modern applications, containers, or more. Pure believes it can make a significant impact in reducing data center emissions worldwide through its environmental sustainability efforts, including designing products and solutions that enable customers to reduce their carbon and energy footprint. And with the highest Net Promoter Score in the industry, Pure's ever-expanding list of customers are among the happiest in the world.

Read More

VPN

Automox Announces Immediate and Secure Actions at Scale to Keep IT Fast and Compliant

globenewswire | September 21, 2023

Automox, the leader in AI-powered IT automation, is proud to announce two new capabilities, FixNow and PowerShell Signing. Combined, these new features further extend Automox’s industry-leading automation, speed, and security to enable organizations to act immediately to enforce and audit configuration, remediate vulnerabilities, install or remove software, query devices, and more. According to a 2019 IT Outage Impact Study, human error was the #1 cause of IT outages in the United States and Canada, and the #3 cause globally. Using FixNow for immediate testing and validation enables IT professionals to confidently automate configuration changes at scale and to minimize the potential for human error. FixNow runs Automox WorkletsTM immediately at scale across IT environments without a VPN or servers. With a catalog of over 300 automations that span Windows, macOS, and Linux systems, FixNow runs securely in real-time on the devices you choose. Early-access Automox customers are already confirming the value of FixNow. Matthew Rehm, Director of Information Systems at Methodist Theological School in Ohio said, “[FixNow] made updating some machines so much easier than having to schedule.” And David Thomson, IT Manager, St Andrew's First Aid in the UK said, “I use FixNow when evaluating new Worklets. The capability to execute instantly allows me to see instant results without cluttering up my existing policies.” “The value of immediate and secure action at scale cannot be overstated. We know time is of the essence, and FixNow lets our users remediate fast,” said Tim Lucas, CEO of Automox. “FixNow is the fastest and most secure way to audit and fix hundreds or even thousands of devices immediately.” According to a 2020 study by Cisco, PowerShell accounted for more than 33% of critical threats detected on endpoints. Automox PowerShell Signing will ensure script integrity and adherence to security best practices by enabling remote or all script signing to further reduce potential attack surfaces. Whether you automate or immediately execute PowerShell with FixNow, tasks like configuration, software deployment, and patching will be signed. To ensure the integrity of scripts from Automox and enable IT teams to adhere to security best practices, all PowerShell commands and automations will be self-signed by Automox. Once enabled, organizations can enhance their security posture by disallowing unsigned and potentially malicious PowerShell from running in their environment. “All Automox customers will be able to opt-in to sign every PowerShell command sent through Automox, so they can be confident that critical endpoint management tasks like configuration updates were unchanged in transit to managed devices,” said Jason Kikta, Automox CISO. “This is a major advance in security for IT teams. Dual-use and fileless PowerShell scripts comprise nearly half of the critical security threats on endpoints.” FixNow is available to Automox customers today as a free preview, Secure Signing will be made available to all Automox customers shortly. About Automox Automox is the IT automation platform for modern organizations. It makes it easy to keep Windows, macOS, and Linux endpoints patched, configured, controlled, and secured – without servers or VPNs. Using AI-powered automation, IT professionals can fix critical vulnerabilities faster, slash cost and complexity, and win back hours in their days. Join thousands of companies transforming IT operations into a strategic business driver with Automox.

Read More