RasPi and SDP: Ensuring Impenetrable Perimeters in a Perimeterless World

Since its introduction, the lightweight yet effective credit card-sized Raspberry Pi (RasPi) computer has grown steadily in global popularity. This is because the RasPi offers an easy-to-learn (it originated as an educational tool), easy-to-use and versatile compute platform that is also very low cost to buy and maintain. This makes it attractive for IT experts and novices alike. Consequently, countless RasPi computers have popped up everywhere, from educational institutions to homes and business organizations large and small. However, while seemingly simplistic, the RasPi is a fully capable computer that, if not properly secured, leaves it and the network to which it is attached vulnerable to attacks.

This, of course, can be a problem in our increasingly connected world.

Today, RasPi is being used by those who wish to learn about and build internet of things (IoT) devices. (by the way, IoT is by its very nature, a primary catalyst for world connection.) RasPi is an ideal platform for IoT, offering a very cheap computer that can run Linux and provides a set of open GPIO (general purpose input/output) pins that enable users to control electronic components. However, until now those who leveraged RasPi on their network opened the door to not only tremendous benefit but to those with malicious intent as well. But, that doesn’t have to be the case. Numerous organizations are already benefitting from a new class of data security: software-defined perimeters (SDP). When SDP is combined with RasPi, users can create highly secure, low-cost IoT networks, as SDP software improves the security of data flows between devices by removing an IoT device’s network presence. This eliminates any potential attack surfaces created by using a traditional network perimeter, such as virtual private networks (VPNs).

The fact is, traditional network perimeters such as VPNs were never designed or intended for today’s perimeterless world. VPNs and other conventional approaches are complex to set up and manage, can lead to performance issues, and require expensive dedicated appliances and routers. Moreover, their management takes up a great deal of the IT management team’s valuable time—time that could be better allocated to strategic activities more directly tied to the organization’s bottom-line objectives. And again, from a security standpoint, conventional perimeter security approaches create very large and highly vulnerable attack surfaces.

Alternatively, today’s modern SDP provides application-level segmentation, isolation and protection, overcoming traditional perimeter security’s intrinsic issues. SDP was designed from the ground up for how we work today. It ensures a zero trust environment: It does not automatically trust anyone or anything inside or outside the organization and demands verification before allowing connection or access to systems and data. SDP virtually eliminates the attack surface by forming a discrete, encrypted network. This makes all IT assets invisible and inaccessible until verified and authorized.

Regrettably, RasPi is not the only data security challenge for today’s IT professional to overcome. Many business organizations are now utilizing cloud-based disaster recovery (DR) to replace or augment their current DR strategy. In doing so, organizations are able to ensure data availability and business continuity while decreasing cost and management complexity. Unfortunately, many DR strategies rest upon a VPN foundation for data movement and protection. This is, of course, for the reasons outlined above: a foundation already cracking and incapable of withstanding the weight of today’s multi- and hybrid-cloud compute environment. SDP can overcome these issues as well.

RasPi and Cloud-Based DR

In 2020 we are already seeing two key trends emerging rapidly to the forefront that as a security professional, you likely should heed.

The first trend is that enterprises are beginning to take advantage of the ubiquity of RasPi and the security of SDP software to enhance product and services differentiation with valuable, highly protected IoT networks.

The second trend is that a new class of DR software with integrated SDP security is emerging and looking to disrupt the cloud DR market. This new SDP-enhanced DR software is enabling organizations to build smart endpoint DR environments that can seamlessly span on-premises and the cloud without the added costs, complexities and other issues of a VPN.

As with each decade that preceded it, 2020 is ushering in an era of new and exciting technological innovation that will enhance countless areas of our personal and professional lives. It continues to be such fun to imagine the unimaginable. Of course, 2020 will also likely bring with it those with rather nefarious intentions. However, if we plan and execute accordingly, we can spend less time worrying and putting out fires and more time reaping 2020’s technology rewards.

Don Boxley Jr.

Featured eBook
The Bot Problem: Effective Detection, Analysis & Blocking

The Bot Problem: Effective Detection, Analysis & Blocking

Bots account for 50% of all web traffic. In the U.S. alone, threat actors will cause over $12 billion in losses by next year. How do companies fight against the ever-multiplying barrage of bot attacks from bad actors? Security experts across all industries face the same challenge: how do I improve defenses against bot-generated traffic? This ebook reveals ways ... Read More
Signal Sciences
Don Boxley Jr.

Don Boxley Jr.

Don Boxley Jr. is a DH2i co-founder and CEO. Prior to DH2i, Don held senior marketing roles at Hewlett-Packard where he was instrumental in sales and marketing strategies that resulted in significant revenue growth in the scale-out NAS business. Don spent more than 20 years in management positions for leading technology companies, including Hewlett-Packard, CoCreate Software, Iomega, TapeWorks Data Storage Systems and Colorado Memory Systems. Don earned his MBA from the Johnson School of Management, Cornell University.

don-boxley-jr has 2 posts and counting.See all posts by don-boxley-jr