David Notley, Enclave Networks: insecure networks prevent organizations from being agile and innovative
Online privacy is one of the most important factors for both individuals and businesses who use digital technologies. While regular users can protect sensitive information from third parties with the help of a VPN or a Proxy server, large-scale companies with extensive networks require more advanced solutions.
Unfortunately, such solutions can often become complex, difficult to manage and create vulnerability gaps. So, companies suffer not only from high implementation and management costs but also increase the risk for potential cyberattacks.
For this reason, we sat down together with David Notley, the CEO of Enclave Networks, to talk about how businesses can improve their management methods to achieve secure, simple, and efficient private networking.
Tell us more about your story. How did Enclave evolve into what it is today?
Enclave’s Zero Trust Network Access journey started with a collaborative project with Airbus’ Cyber Security Division investigating new technologies for encrypted, peer-to-peer communications that could be effortlessly set up and managed. We raised some seed funding from private investors and Innovate UK to develop our patented tech but we moved up a gear after joining the Start-Up Bootcamp in Amsterdam.
Following this, we raised a round from Berlin Venture Studio, Next Big Thing (NBT). We have been continuing to mature our product and Software as a Service (SaaS) to ensure it’s a true business and enterprise first solution.
In December, 2021, we were thrilled to close another round led by existing investors, like NBT, and new investors – Gula Technology Adventures (GTA) which is a specialist cyber fund based in the USA.
What are the main issues that your Zero Trust Overlay Network helps solve?
Firstly, most organizations continue to expose the gateways to their private networks on the public Internet. So, for example, there will be routinely 5M+ VPN servers accessible on the internet for anyone, anywhere to connect to. Security-wise, that’s just a really bad idea.
Enclave solves that systemic and ubiquitous problem by making all private systems completely invisible to the public Internet. Connection to an organization’s private systems is only allowed once defined trust standards have been met. Secondly, because Enclave is an Overlay Network, secure, private connectivity can be established instantly, without the need to make any changes to the underlay network.
This means that modifications to Firewalls, Access Control Lists, VPNs, routers, switches, Secret Keys, NAT, subnets, and others are not required. This strikes at the heart of what we are seeking to achieve – improved security and agility.
You often state that Enclave is here to get the network out of the way. Would you like to share more about your vision?
Today, networking is just too complicated. So often the network is a blocker to organization imperatives – instead of being an enabler, it’s an expensive cost center that just gets in the way. Organizations need to be agile and they need to innovate. Yet, complex and insecure networks prevent that.
We want to radically disrupt network security and network management. Our vision is a world where secure private networking is on-demand, secure, simple, efficient, and agile. The network becomes an enabler, not a blocker.
How do you think the pandemic affected the cybersecurity industry? Did you add any new features to your services as a result?
The pandemic has helped to focus attention on remote working security, and that’s a big issue, especially with unpredictable networks and Bring Your Own Device (BYOD). But we sense that whilst the challenge is clear, the solutions are not always.
Many organizations still put their faith in flawed VPN technologies, which rely on publicly accessible gateways (VPN servers) into their private networks. Moreover, once access has been granted, all too often unchecked lateral movement inside the network becomes a security risk.
Our view is that organizations should move to a Zero Trust approach, which does not allow any connection until authentication has taken place and which inherently micro-segments the access. The US President has recently issued an Executive Order mandating all that. The Federal network infrastructure moves to Zero Trust and we think that sets a precedent for all organizations, large and small.
However, there is another dimension here – secure networking is not just about remote access. It is also an issue in the Services mesh and multi-Cloud connectivity. So, a Zero Trust approach is required to ensure secure machine-to-machine networking here as well. Enclave’s Zero Trust Overlay Network works for both remote access and service mesh use cases.
What are the early red flags of a compromised network that if overlooked, can lead to serious problems?
Prevention is better than cure. Organizations must be more proactive in ensuring that they are not compromised in the first place. Many solutions will monitor network behavior and status and some measures can be put in place to isolate compromised systems.
But we would suggest that a red flag should be anything that could lead to a compromise. So, for example, if your VPN server is not fully patched, then assume compromise.
There really can be no excuse for leaving vulnerable systems exposed on the Internet. In a sense, it’s a zero-tolerance mantra that, if combined with Zero Trust, could radically alter risk vectors.
What are the most common misconceptions organizations tend to have regarding their own network security?
That trust can easily be established and conferred. There is a good analogy between a military base and a lot of network infrastructure.
With high-security military sites, one would reasonably expect that one’s identity would be thoroughly checked before even entering the front gate. Once inside, one would also expect to have that identity checked again and again as access is sought to different areas of the site, especially if one’s entering increasingly sensitive areas.
And yet, with current network technology based around VPN servers, all too often, parties are let in with cursory authentication and then allowed to wander around anywhere they like.
In your opinion, what kinds of cyber threats should organizations, as well as individual users, be prepared to experience in 2022?
Hackers are and will continue to relentlessly target any systems that are visible to the public Internet. Why? Because it's easy. If a system has a visible IP address, it will be targeted and probed for vulnerabilities.
An organization must be asking a simple question – why do we need to make our private, internal systems visible on the public internet? No one actually needs to do so anymore. There are over 100 vendors of Zero Trust Network Access solutions.
What would you consider the essential security measures everyone should implement?
Take a Zero Trust approach.
And finally, would you like to share what’s next for Enclave?
We have really ambitious plans and our latest funding round gives us the firepower and collaborative partners to scale our Zero Trust Overlay Network solution and help organizations make their network infrastructure more secure and simpler to manage.