Preventing Lateral Hacker Movement with Crypto-Segmentation

August 23rd, 2016

Corporations increasingly realize the need to align their security practices with their business priorities. Crypto-segmentation is a new approach to protecting applications and the data they access from hackers who have become adept at penetrating corporate systems.

Cybercriminals are well rehearsed in finding ways inside of corporate networks. It’s not new territory, nor is it a hard task for them to achieve. After easily bypassing firewalls, hackers are able to move laterally from application-to-applications until they find the most sensitive and valuable data. Overcoming this security challenge is one of the biggest tasks facing information security managers today.

Micro-segmentation is a technology that technology advisory firm Gartner has identified as one of the must-haves for enterprise security in 2016. Crypto-segmentation is a form of this that works by cryptographically isolating workloads and encrypting network traffic end-to-end, therefore preventing lateral hacker movement and keeping data secure.

Cypto-segmentation protects applications and data by isolating individual applications and granting access only to authorized users based on business rules and authentication policies. This makes lateral movement across applications impossible, thus isolating hackers from doing extensive damage throughout a corporate environment.

Software-defined, cryptographic segmentation techniques allow:

Cryptographic segmentation certainly requires a new way of thinking. While organizations have worked hard on creating robust security strategies, with security experts across the globe now recommending a containment policy based on clearly defined infrastructure segments, it is time to make the change.

Discover how Masergy is working with Certes Networks’ CryptoFlow Platform to deliver WAN Encryption to your managed WAN.

David Venable

David Venable, Vice President of Cyber Security at Masergy Communications, has over 15 years experience in information security, with expertise in cryptography, network and application security, vulnerability assessments, penetration testing, and compliance. David is a former intelligence collector with the National Security Agency, with extensive experience in Computer Network Exploitation, Information Operations, and Digital Network Intelligence. He also served as adjunct faculty at the National Cryptologic School.

Related Content

Transform with Certainty: Masergy’s New Branding Spotlights Confidence in Service Experience

As the pioneer in software-defined networking, Masergy’s new brand crystallizes the value we deliver--helping enterprises transform with certainty.

Read more

How to Invest Wisely in Digital Transformation with Technology Chains

In focusing too narrowly on single technologies, IT leaders miss out on the aggregate benefit of technology chains. The key is to ensure tight integration across all layers of the IT ecosystem with a technology value chain.

Read more

Masergy Announces 2020 STEM Scholarship Opportunities–Students Apply Now!

Masergy supports students with inventions making an impact on society. A new STEM scholarship will award $10,000 in total prizes to innovative college students. Get the application details.

Read more