RasPi and SDP: Ensuring Impenetrable Perimeters in a Perimeterless World
Since its introduction, the lightweight yet effective credit card-sized Raspberry Pi (RasPi) computer has grown steadily in global popularity. This is because the RasPi offers an easy-to-learn (it originated as an educational tool), easy-to-use and versatile compute platform that is also very low cost to buy and maintain. This makes it attractive for IT experts and novices alike. Consequently, countless RasPi computers have popped up everywhere, from educational institutions to homes and business organizations large and small. However, while seemingly simplistic, the RasPi is a fully capable computer that, if not properly secured, leaves it and the network to which it is attached vulnerable to attacks.
This, of course, can be a problem in our increasingly connected world.
Today, RasPi is being used by those who wish to learn about and build internet of things (IoT) devices. (by the way, IoT is by its very nature, a primary catalyst for world connection.) RasPi is an ideal platform for IoT, offering a very cheap computer that can run Linux and provides a set of open GPIO (general purpose input/output) pins that enable users to control electronic components. However, until now those who leveraged RasPi on their network opened the door to not only tremendous benefit but to those with malicious intent as well. But, that doesn’t have to be the case. Numerous organizations are already benefitting from a new class of data security: software-defined perimeters (SDP). When SDP is combined with RasPi, users can create highly secure, low-cost IoT networks, as SDP software improves the security of data flows between devices by removing an IoT device’s network presence. This eliminates any potential attack surfaces created by using a traditional network perimeter, such as virtual private networks (VPNs).
The fact is, traditional network perimeters such as VPNs were never designed or intended for today’s perimeterless world. VPNs and other conventional approaches are complex to set up and manage, can lead to performance issues, and require expensive dedicated appliances and routers. Moreover, their management takes up a great deal of the IT management team’s valuable time—time that could be better allocated to strategic activities more directly tied to the organization’s bottom-line objectives. And again, from a security standpoint, conventional perimeter security approaches create very large and highly vulnerable attack surfaces.
Alternatively, today’s modern SDP provides application-level segmentation, isolation and protection, overcoming traditional perimeter security’s intrinsic issues. SDP was designed from the ground up for how we work today. It ensures a zero trust environment: It does not automatically trust anyone or anything inside or outside the organization and demands verification before allowing connection or access to systems and data. SDP virtually eliminates the attack surface by forming a discrete, encrypted network. This makes all IT assets invisible and inaccessible until verified and authorized.
Regrettably, RasPi is not the only data security challenge for today’s IT professional to overcome. Many business organizations are now utilizing cloud-based disaster recovery (DR) to replace or augment their current DR strategy. In doing so, organizations are able to ensure data availability and business continuity while decreasing cost and management complexity. Unfortunately, many DR strategies rest upon a VPN foundation for data movement and protection. This is, of course, for the reasons outlined above: a foundation already cracking and incapable of withstanding the weight of today’s multi- and hybrid-cloud compute environment. SDP can overcome these issues as well.
RasPi and Cloud-Based DR
In 2020 we are already seeing two key trends emerging rapidly to the forefront that as a security professional, you likely should heed.
The first trend is that enterprises are beginning to take advantage of the ubiquity of RasPi and the security of SDP software to enhance product and services differentiation with valuable, highly protected IoT networks.
The second trend is that a new class of DR software with integrated SDP security is emerging and looking to disrupt the cloud DR market. This new SDP-enhanced DR software is enabling organizations to build smart endpoint DR environments that can seamlessly span on-premises and the cloud without the added costs, complexities and other issues of a VPN.
As with each decade that preceded it, 2020 is ushering in an era of new and exciting technological innovation that will enhance countless areas of our personal and professional lives. It continues to be such fun to imagine the unimaginable. Of course, 2020 will also likely bring with it those with rather nefarious intentions. However, if we plan and execute accordingly, we can spend less time worrying and putting out fires and more time reaping 2020’s technology rewards.
— Don Boxley Jr.
