TubbTalk 123: How To Easily Implement Zero Trust Networking for MSP Growth
An Interview With Marc Barry
Marc Barry is the co-founder and Chief Product Officer at Enclave.
The Enclave solution effortlessly connects laptops, servers, homeworkers, cloud instances, containers and IoT devices together across any infrastructure with zero trust network access.
Marc has a Master’s Degree in Applied Information Security, and a background in security across public and private sector organisations, with a focus on building, researching and securing computer networks.
What is Zero Trust Security?
Marc explains that there are many different definitions of Zero Trust, but to him, it’s an approach, and a way of thinking. “Essentially, it’s a model that assumes that our users, networks and systems shouldn’t be trusted.
“It’s the opposite of what networking has been for the last 30 years and how networks were designed to function. The goal is to reduce the attack surface of the organisation and reduce the impact or risk of a security breach.”
The Enclave Approach to Networks and Security
Enclave creates fast, zero trust network connectivity between systems located anywhere on the public internet, without opening any firewalls, adding edge devices, or changing the infrastructure.
So, Marc says: “Enclave is a corporate VPN, but it’s a modern replacement to legacy corporate VPNs. Those were rooted in hardware. So many organisations run remotely now, and have their infrastructure and resources all over the place. And we need an effective modern way to connect it all together.
“There are a lot of options out there for private network connectivity. And, the core technology difference for us is that our product is based around what’s known as a mesh overlay network. It’s an architecture in which systems and devices talk directly to one another over the internet, so it’s different to traditional VPNs.”
How to Deploy Enclave Efficiently
Marc says that some customers have reported that it can take a long time to move from a Virtual Private Network (VPN) to a zero trust network access product, especially as there are lots of different architectures available.
However, Marc says that the Overlay Network deployment is a neat process. “You install Enclave, enrol your devices and generate enrolment keys. You share these with your end users, devices and so on.
“Then, you set up policies, tagging your devices that make the most sense to you. The policies define how tagged systems communicate with each other. Finally, Enclave will build the private network for you. It’s like magic!”
The Enclave Integration Strategy
Integration is a big part of what Enclave do, says Marc.
Enclave offers single sign-on and conditional access via a concept they call ‘trust requirements’. These allow users to enrich and augment whatever access they’ve already got in place.
“These fit in with the policies you already have defined, such as MFA. When we talk about the zero plus network access principle, we want to be as close to the endpoint as we possibly can be. That means we need to build technology that runs everywhere.”
How Enclave Makes Running a Remote Business Effortless
Firstly, Marc explains that as the Enclave business is run remotely, it is also important for them to provide secure, accessible solutions for themselves and their clients.
Secondly, “We’ve spent a huge amount of time making sure that Enclave plays nicely with existing technologies. Not everyone has the opportunity to build their private connectivity and access from scratch. So we’re acutely aware that non-disruptive, incremental deployment is valuable.
“It makes no difference to Enclave where you’re onboarding someone, or even if they’re in a different organisation. The process is the same internally and externally, you just need to have your policies in place. Location isn’t even a factor.”
How a Zero Trust Solution Keeps Users Safe
Marc explains that there are eight phases, or opportunities, to disrupt a cyber attack, known as the Cyber Kill Chain, as defined by Lockheed Martin. Key to this is to make systems and networks as secure as possible.
“We describe this as ‘going dark’, which means you close your firewalls, and don’t have your VPN on a public internet where it’s exposed to threats. Having a door to your network is too much of a risk.
“Look at it this way – if you can’t be discovered, you can’t be targeted. And if you can’t be targeted, you also can’t be attacked. Simply removing your private systems from public networks, preventing anyone from trying to get in and having a zero trust policy will really help to keep your networks safe.”
How to Connect With Marc Barry
- Enclave
- Join the Enclave Slack channel
- Find Enclave on GitHub
- Follow Marc on Twitter
- Connect with Marc on LinkedIn
How to Connect With Me
- Subscribe to TubbTalk RSS feed
- Subscribe, rate and review TubbTalk in iTunes
- Subscribe, rate and review TubbTalk on Stitcher Radio
- Subscribe and rate TubbTalk on Spotify
- Follow TubbTalk on iHeartRadio
- Follow @tubblog on Twitter
Mentioned in This Episode
- The Colonial Pipeline hack
- Billing reconciliation tool: Gradient
- Development tool: GitHub
- Anonymous functions: lambda
- Cyber Kill Chain from Lockheed Martin
- Deployment tool: Kubernetes
- Google security researcher: Tavis Ormandy
- Software engineer: Mark Russinovich
- Computer scientist: Paul Graham
- Computer science news site: Hacker News
- Discussion site: Reddit
- RSA security conference
- InfoSec conferences