Zero-trust network access provider, Cyolo, strengthens authentication offerings

Cyolo, a provider of zero-trust network access 2.0 (ZTNA 2.0) solutions for IT and operational technology (OT), says the demand for data has increased dramatically in recent years and VPNs and other methods have failed to meet organizations’ demands. The company added that organizations now need a more secure way to connect individuals to the distributed resources that are essential to their job.

 ZTNA offers an alternative to VPNs for limiting remote server access. According to Gartner, 60% of organizations will switch from VPNs to ZTNA by 2023.

Almog Apirion, the CEO and cofounder of Cyolo, said that ensuring digital transformation is largely an identity problem. According to Apirion, enterprises can offer comprehensive identification-based access across all users, apps and assets when a solid digital identification is provided. 

Identity, he said, is the new access key since it allows users to access the resources they require without disclosing all of an organization’s digital assets. Gartner forecasts that by 2024, 30% of large enterprises will implement new identity-proofing tools to address common weaknesses in workforce identity life cycle processes.

Authentication and secure digital trust

Cyolo claims that it securely links all organization users (remote and onsite, third-party, OT and so on,) to all of their work environments (on-premises, cloud, hybrid), enabling them to be more productive while safeguarding the network from access-based hazards. Apirion claims that Cyolo addresses issues with high-risk access and third-parties. He asserted that whilst third-party users, such as vendors and contractors, are frequently essential to an organization’s success, they also provide a sizable risk.

In addition, Apirion said the lack of strong authentication is one of the problems Cyolo aims to solve. He said many traditional on-premises and legacy apps lack modern authentication like multifactor authentication (MFA) and single sign-on (SSO). He added that Cyolo allows organizations to extend cloud SSO and adaptive MFA to traditional applications, quickly, easily and cost-effectively. He claimed that the result is stronger security and greater compliance readiness.

Apirion claims Cyolo can also resolve the use of generic and shared accounts. He said that in order to handle operational complexity, enterprises are frequently compelled to manage several user accounts for each application and may be compelled to use generic accounts (re-sharing access credentials with many users). 

This behavior, he said, results in a lack of traceability, raises the danger of breaches and disregards important compliance obligations. He added that the business uses SSO to provide centralized secure user access and connectivity to resources and apps, allowing for more control and visibility.

Cyolo has also set out to strengthen enterprises’ OT remote and on-site access. According to Apirion, most firms find it challenging to secure remote access, but it becomes even more challenging when OT environments are involved.

 The Cyolo solution, he claims, is specifically designed to bring secure digital trust to OT systems. It includes compliance and surveillance features, such as ongoing and just-in-time identity-based authentication and verification with MFA, as well as time-of-day and geolocation-based user validation, session recording and controlled access to resources and applications.

According to the company, it enables organizations to build their own distributed clouds based on infrastructure-as-as-service (IaaS), software-as-a-service (SaaS) and the existing world (DCs, campuses, co-location facilities and industrial locations) by using a single solution, a single policy and a consistent user interface. Cyolo claims that because it doesn’t care where apps and users are located, it offers cloud benefits like infrastructure abstraction.

Through robust identity-based access restrictions, Apirion says that Cyolo enables enterprises to link geographically distributed users to their on-premise, IaaS or SaaS applications. The technology can  also integrate with numerous IdPs to enable third parties or M&A activities, as well as obtain visibility and control over who connects to what resource and what transpires.

Cyolo’s agentless-first strategy gives users a streamlined web-based procedure to access their resources. With this, bandwidth restrictions and VPN agent problems are no longer issues, according to Apirion. Organizations can use Cyolo to integrate their existing point solutions for IT and OT resources, MFA, SSO and other things and build consistent controls from a single dashboard.

By concealing their infrastructure behind Cyolo and blocking all public network access, organizations can reduce their overall attack surface. Apirion says that by doing so,  that organizations can apply complete, real-time user access and control to applications as well as hide application credentials from connected users, both trusted and untrusted.

Differentiating among the zero-trust network access market

Being a CISO, Apirion teamed up with two ethical hackers to establish Cyolo. According to Apirion, they decided to shake up the market by taking an original tack on the architecture that would support an organization’s ongoing digital transformation. He saysthis is the reason Cyolo’s identity-based access control is exclusive to the market.

Cyolo features a trustless architecture in which the company doesn’t view or maintain access keys, only the client does. Cyolo can provide MFA and SSO capabilities to offline systems and operates in all contexts, including cloud, on-premise and hybrid models. Apirion added that for compliance and reporting, Cyolo’s features provide session recording, supervised access and full visibility over who accessed where and what was happening.

One of its competitors, Zscaler, has an operation that depends on GRE tunnels, agents, or PAC files. Another rival service, Appgate, has a complex architecture, which Apirion claims has limited support for low-bandwidth connections because of its agent-based design. Netskope, another rival, has traffic passing through its cloud is repeatedly encrypted and decrypted, which significantly reduces performance, Apirion said.

According to the Cyolo CEO, the company has developed a security architecture where all data always stays with the client, unlike other cloud-based security technologies that store or process consumer information internally. He said that as a result, in contrast to other ZTNA suppliers, Cyolo has no access to or view into client data, effectively eradicating the possibility of data exposure.

Cyolo also just announced a $60 million series B funding led by National Grid Partners, the venture investing and innovation arm of National Grid. This brings the company’s total funding to $85 million, including a series A round completed in 2021.