Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Nebulon Expands Zero-Trust Edge Solution with Two-Person Commit

March 2023 by Marc Jacob

Nebulon, Inc.®, announced two new zero-trust offerings: Two-Person Commit and Single Sign-on (SSO). This announcement advances Nebulon’s security offering, which includes advanced authentication and authorisation, always-on encryption, and 4-minute ransomware recovery capabilities—all critical for securing distributed edge data centre locations.

Gartner ® predicts that by 2026, only 10% of large enterprises will have a mature and measurable zero-trust program in place, up from less than 1% today.1 In another report, Gartner notes, “Through 2026, more than half of cyberattacks will be aimed at areas that zero-trust controls do not cover and cannot mitigate”.2 Zero-trust infrastructure best practices are critical for both perimeter-level protection as well as internal processes—particularly for destructive actions that can delete data or infrastructure configuration. Furthermore, the ever-expanding and geospatial distribution of infrastructure makes the coordination and rotation of secure passphrases especially challenging.

Nebulon has announced Two-Person Commit, a security policy that has its origins in military protocol and has become a welcome addition to the arsenal of IT security controls. This policy protects organisations from accidental or malicious destructive actions by providing an additional layer of security for Nebulon-based clusters or groups of clusters. Once a user enables the Two-Person Commit security policy, certain operations in the cluster group must be approved by two people in the organisation, including deleting clusters, volumes, snapshots, and disabling the security policy.

Nebulon’s Two-Person Commit policy includes three parties: “requestor”, the user that requested an action, “approver”, a user that is approving the request, and “arbitrator”, the Nebulon customer satisfaction team. The role of the arbitrator is to ensure that the requestor and approver are distinct individuals. Without an arbitrator, an administrator could create a secondary (virtual) user account to approve their own requests.

Nebulon has also announced Single Sign-On (SSO) for Microsoft Azure Active Directory environments, allowing users to sign in and access their Nebulon-based infrastructure using their Azure Active Directory credentials. Nebulon SSO also supports the mapping of Active Directory groups to other groups in Nebulon’s cloud (NebulonON) to further simplify user and group identity management. This new authorisation capability improves perimeter protections by (1) separating the responsibility of identity management and infrastructure management, (2) simplifying username and passphrase management, and (3) improving identity protection when paired with multifactor authentication (MFA).


¹Gartner Press Release, “Gartner Predicts 10% of Large Enterprises Will Have a Mature and Measurable Zero-Trust Program in Place by 2026”. January 23, 2023.

2Gartner, Predicts 2023: Zero Trust Moves Past Marketing Hype Into Reality, Published 6 December 2022, By John Watts, Jeremy D’Hoinne, Dale Koeppen, Charlie Winckless


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts