Cyolo, a provider of zero-trust network access 2.0 (ZTNA 2.0) solutions for IT and operational technology(OT), believes that data demand has increased dramatically in recent years, and VPNs and other methods have failed to meet organizations' demands.
ZTNA is a great alternative to VPNs for restricting remote server access. According to Gartner, 60% of businesses will switch from VPNs to ZTNA by 2023.
Cyolo's CEO and cofounder Almog Apirion said the challenge of ensuring digital transformation is largely identity. According to Apirion, enterprises may offer comprehensive identification-based access across all users, apps, and assets when a solid digital identification is provided.
According to Gartner, identity is the new access key since it allows users to obtain the resources they require without disclosing all of their organization's digital assets. By 2024, 30% of large enterprises will implement new identity-proofing techniques to address common weaknesses in workforce identity lifecycle processes.
In-person or virtual from July 20-28, join us at the world's leading event on applied artificial intelligence for enterprise business and technology decision makers.
Trust in digital identity and safe use
Cyolo claims that it securely connects all organization users (remote and onsite, third-party, OT, etc.) to all of their work environments (on-premises, cloud, hybrid), enabling them to be more productive while protecting the network from access-based dangers. Apirion claims that Cyolo addresses concerns with high-risk access and third-parties.
Apirion pointed out that the lack of strong authentication is one of the Cyolo goals to address. He said many traditional on-premises and legacy apps lack modern authentication, like multifactor authentication (MFA) and single sign-on (SSO). Cyolo allows organizations to extend traditional applications quickly, easily, and cost-effectively.
Cyolo may also be able to eliminate the use of generic and shared accounts, according to Apirion. In order to deal with operational complexity, enterprises are often forced to manage several user accounts for each application, and may be compelled to use generic accounts (re-sharing access credentials with many users).
This behavior, according to him, results in a lack of traceability, increases the likelihood of breaches, and disregards essential compliance obligations. The business uses SSO to provide centralized secure user access and connectivity to resources and apps, thus allowing for greater control and visibility.
Cyolo intends to strengthen businesses' OT remote and on-site access. According to Apirion, most firms find it difficult to secure remote access, but it becomes even more difficult when OT environments are involved.
According to him, the Cyolo solution is specifically designed to provide secure digital trust to OT systems. These include ongoing and just-in-time identity-based authentication and verification with MFA, as well as time-of-day and geolocation-based user validation, and controlled access to resources and applications.
According to Cyolo, it enables organizations to create their own distributed clouds based on infrastructure-as-a-service (IaaS) and the existing world (DCs, campuses, co-location facilities, and industrial locations) by using a single solution, a single policy, and a consistent user interface.
Cyolo, according to Apirion, allows enterprises to connect geographically distributed users to their on-premise, IaaS, or SaaS applications, as well as have visibility and control over who connects to what resource and what transpires.
According to Apirion, Cyolo's agentless-first strategy provides users with a streamlined web-based access to their resources. Organizations may integrate their existing point solutions for IT and OT resources, MFA, SSO, and other things, and maintain consistent controls from a single dashboard.
Organizations can reduce their overall attack surface by concealing their infrastructure behind Cyolo and blocking all public network access. According to Apirion, this allows them to encrypt application credentials from connected users, both trusted and untrusted.
Differentiating among the zero-trust network access market
Apirion, who is a CISO, teamed up with two ethical hackers to create Cyolo. According to Apirion, they decided to shake up the market by taking an innovative stance on the architecture that would support an organization's ongoing digital transformation. This is the reason why Cyolos identity-based access control is exclusive to the market.
Cyolo has a trustless architecture in which the business does not view or maintain access keys, only the customer does. Cyolo can provide MFA and SSO capabilities to offline systems and operates in all contexts, including cloud, on-premise, and hybrid models. For compliance and reporting, Cyolos features provide session recording, supervised access, and complete visibility over who accesses what.
Zscaler, a competitor, operates on GRE tunnels, agents, and PAC files. Apirion claims to have limited support for low-bandwidth connections due to its agent-based design. Netskope, another competitor, has traffic flowing through its cloud repeatedly encrypted and decrypted, which significantly reduces performance, according to Apirion.
According to Cyolo's CEO, the company has developed a security architecture that ensures that all data stays with the customer, unlike other cloud-based security solutions that store or process consumer information internally. So, Cyolo has no access to or view into client data, effectively eliminating the possibility of data exposure.
Cyolo has just announced a $60 million series B investment from National Grid Partners, the company's venture investing and innovation division. The total investment for the company has risen to $85 million, including a series A round completed in2021.