t cht lk they ’ re using a system like Cloudflare ’ s to make it much tougher on attackers .
But the best way to protect most users and their credentials may be to remove the burden on the end-user altogether . The FIDO alliance envisions passwordless sign-in everywhere . Logins will use your face or fingerprint instead of the old usernamepassword combo . A FIDO sign-in credential , sometimes called a ‘ passkey ’, will make it easier on users and harder on the attackers . If there ’ s no password to steal , hackers won ’ t be able to harvest credentials to carry out their attacks . We predict many websites and applications will adopt passwordless login using the FIDO Alliance passkey standard beginning in 2023 .
The cloud takes on compliance
Governments around the world are rolling out new privacy regulations . In Europe , the General Data Protection Regulation ( GDPR ) which became enforceable in 2018 gives individuals more control over their personal data and how it ’ s used . Other countries worldwide are following suit and using GDPR as a model . In the US , there are five states with new consumer privacy laws that take effect in 2023 and more states are considering legislation . And at the federal level , lawmakers are slowly putting forward their own privacy regulations with the American Data and Privacy Protection Act ( ADPPA ) which is an online privacy bill that aims to regulate the gathering and storing of consumer data . in end-user applications . In the past , it was relatively straightforward to fully control end-user devices because they were often issued by and dedicated to company use only . But with the increasing use of personal smartphones and tablets , the bring-yourown-device ( BYOD ) trend has been picking up steam for several years and was even more readily embraced during the various stages of the global pandemic .
Looking ahead , it ’ s our belief that this pendulum of BYOD will swing back toward tighter security and more control by the IT organization . The need to consistently enforce security policies and privacy controls will begin to outweigh the sense of urgency and demand for convenience we encountered during the last few years . But because so much of our digital lives live in a web browser , this control may take a different form than in the past . This new form will mean more control for IT administrators and a better user experience for employees .
John Engates , Field CTO at Cloudflare
Companies must now understand and comply with this patchwork of regulations as they do business globally . How can organizations hope to stay current and build compliance into their applications and IT systems ?
We believe the majority of cloud services will soon come with compliance features built in . The cloud itself should take the compliance burden off companies . Developers shouldn ’ t be required to know exactly how and where their data can be legally stored or processed . The burden of compliance should largely be handled by the cloud services and tools developers are building with . Networking services should route traffic efficiently and securely while complying with all data sovereignty laws . Storage services should inherently comply with data residency regulations . And processing should adhere to relevant data localization standards .
Remote browsers resolve device complaints
Security policies , privacy laws and regulations require all companies to protect their sensitive data ; from where it ’ s stored and processed , to where it ’ s consumed
Browser Isolation is a clever piece of technology that essentially provides security through physical isolation . This technique creates a ‘ gap ’ between a user ’ s web browser and the endpoint device thereby protecting the device ( and the enterprise network ) from exploits and attacks . Remote Browser Isolation ( RBI ) takes this a step further by moving the browser to a remote service in the cloud . Cloud-based remote browsing isolates the end-user device from the enterprise ’ s network while fully enabling IT control and compliance solutions .
Some say in this remote browsing model that ‘ the browser is the device ’. Instead of BYOD , it might be appropriate to call this ‘ BYOB ’ or Bring Your Own Browser . Most companies are looking to better balance the security and privacy needs of the company with the user experience and convenience for employees . At Cloudflare , we use our remote browser isolation in conjunction with Zero Trust access to protect our users and devices . It ’ s completely transparent to users and strikes a perfect balance between security and user experience . We believe remote browser isolation will be embraced broadly as IT leaders become more aware of the benefit and just how well it works . p
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 77