Enterprises are rapidly adopting API-based applications, which rely on public or mobile internet as the primary data transport. In this article, Tri Pham, Chief Strategy Officer at Tata Communications, delves into two key security techniques: Mobile SASE and Zero Trust (Secure Access Service Edge), that can be used in combination to protect enterprise endpoints.
With the arrival of 5G, the trend towards cellular-based IoT projects shifts beyond low-bandwidth massive IoT applications towards more advanced broadband IoT use cases that require higher throughput, lower latency, and larger data volumes. These use cases include security cameras, drones, and connected cars. The integration of IoT devices into business processes to track assets, manage fleets, monitor patients, and ensure proper functioning of production systems 
represents a vast virtual expansion of the enterprise network perimeter, exposing a broader attack surface to hackers and criminals.
IoT devices often have limited processing power, storage, and may use proprietary operating systems, making them unable to support a client-based security software model. They are also transient and may cross multiple network boundaries, making traditional IT security controls inadequate. For “off-network/beyond the perimeter” devices, enterprise IT organisations have limited options for enforcing security controls and little to no visibility on device performance and behaviour. To overcome these obstacles, organisations are increasingly embedding secure networking into the app itself, or leveraging the device SIM.
The mobile network edge is the convergence point for data between endpoints and the cloud, making it a critical location to enforce strong security measures. As businesses adopt hyper-connected transport, healthcare, logistics, retail, and industrial value chains, the risk of cyber-attacks increases. As mobile networks become more open, widespread, and built using APIs, and as workloads move to multi-cloud environments, the threat from cyberattacks and attack surface widens.
“Most of the deployed API-based applications rely on public or mobile internet as the main data transport, which creates a potential for a multi-fold increase in cyberattacks on vulnerable IoT endpoints and API clients.”
Vulnerable API endpoints and gateways need to be protected more comprehensively by enabling developers to embed private, zero-trust capabilities in API client and publisher endpoints. This then enables the API publisher to stop exposing endpoints to the Internet – each API session instead leverages a private network, zero trust overlay.
For remote and mobile IoT devices, IT organisations have limited options for enforcing security controls and have almost zero visibility on the performance and behaviour of the devices.
“CIOs must adopt a comprehensive security strategy to protect their endpoint assets.”
Endpoint-enforced security, which requires an agent to be installed on each device, may not be viable due to device support and the associated management costs. Meanwhile, backhauling all the traffic to the cloud may have a latency impact on application performance, and result in high cloud egress costs. These are key reasons why leading organizations are now embedding the zero trust networking functions into the app itself, and using SIM-based approaches. 
CIOs like Sanjay face a challenge in securing remote IoT devices, such as CCTV systems. Sanjay initially considered endpoint enforced security, but it would have created high operational complexity and cost, especially at scale. Proxying the traffic to the cloud meant too much added latency and high cloud egress costs.
Sanjay and his team have decided that the best option is a network edge security approach, orchestrated from the core network, that eliminates the need for security agents on each device, and does not require all traffic to be backhauled towards a specific cloud environment.
“This approach offers several key benefits over traditional cloud or endpoint security solutions, by eliminating latency impacts on application performance and reducing the operational pain of managing agents across distributed devices.”
It also provides improved visibility and control, robust security for both data in transit and data at rest, while also doing away with the need for integration with Sanjay’s MDM solution. 
In conclusion, CIOs must be aware of the potential threats posed by API-based applications and adopt network edge-based security solutions that follow zero trust principles to protect their enterprise endpoints from cyber-attacks in a rapidly changing technological landscape. Mobile SASE and Zero Trust, when used in combination, provide a comprehensive solution to protect against cyber-attacks, ensuring business continuity and resilience.
To learn more about Tata Communications’ SASE and Zero Trust solutions, click here.
Transformational Hybrid SolutionsOur cloud-enablement services offer the best performance on your traffic-heavy websites or mission-critical applications.
Core NetworksTata Communications™ global IT infrastructure and fibre network delivers the resources you need, when and where you need them.
Network Resources 
Unified Communications As A ServiceBreak the barriers of borders efficiently and increase productivity with Tata Communications’ UC&C solutions.
Global SIP ConnectEmpower your business with our SIP network and witness it grow exponentially.
InstaCC™ - Contact Centre As A ServiceCloud contact centre solutions for digital customers experience and agent productivity.
DIGO – Communications Platform as a ServiceDIGO is an in-network cloud communications platform, enabling you to power up converged contextual human-to-everything conversations globally.
Unified Communication Resources Case studies, industry papers and other interesting content to help you explore our unified communications solution better.
IoT SolutionsThe Internet of Things is transforming the way we experience the world around us for good. Find out more about our Internet Of Things related solutions here.
Mobility SolutionsTata Communications’ mobility services enable your enterprise to maintain seamless communication across borders, with complete visibility of cost and usage.
Multi-Cloud SolutionsWith enterprises transitioning to a hybrid multi-cloud infrastructure, getting the right deployment model that yields ROI can be a daunting task.
Cloud ComplianceCompliant with data privacy standards across different countries and is also designed to protect customers’ privacy at all levels.
IZO™ Cloud Platform & ServicesIZO™ is a flexible, one-stop cloud enablement platform designed to help you navigate complexity for more agile business performance.
Managed Infrastructure ServicesIntegrated with our integrated Tier-1 network to help your business grow efficiently across borders.
Cloud PartnersWe support a global ecosystem for seamless, secure connectivity to multiple solutions through a single provider.
Governance, Risk, and ComplianceRisk and Threat management services to reduce security thefts across your business and improve overall efficiencies and costs.
Cloud SecurityBest-in-class security by our global secure web gateway helps provide visibility and control of users inside and outside the office.
Threat Management - SOCIndustry-leading threat-management service to minimise risk, with an efficient global solution against emerging security breaches and attacks.
Advanced Network SecurityManaged security services for a predictive and proactive range of solutions, driving visibility and context to prevent attacks.
Cyber Security ResourcesCase studies, industry papers and other interesting content to help you explore our securtiy solution better.
Hosted & Managed ServicesTata Communications provide new models for efficient wholesale carrier voice service management. With our managed hosting services make your voice business more efficient and better protected
Wholesale Voice Transport & Termination ServicesYour long-distance international voice traffic is in good hands. End-to-end, voice access & carrier services which includes voice transport and termination with a trusted, global partner.
Voice Access ServicesTata Communication’s provide solutions which take care of your carrier & voice services, from conferencing to call centre or business support applications.
CDN Acceleration ServicesOur CDN Web Site Acceleration (WSA) solution helps deliver static and dynamic content, guaranteeing higher performance for your website.
CDN SecuritySafeguard your website data and customers’ information by securing your website from hacks and other mala fide cyber activities.
Video CDNDeliver high-quality video content to your customers across platforms – website, app and OTT delivery.
Elevate CXIncrease customer satisfaction while empowering your service team to deliver world-class customer experience and engagement.
Live Event ServicesTata Communications’ live event services help battle the share if eyeballs as on-demand video drives an explosion of diverse content available on tap for a global audience.
Media Cloud Infrastructure ServicesTata Communications’ media cloud infrastructure offers flexible storage & compute services to build custom media applications.
Global Media NetworkTata Communications’ global media network combines our expertise as a global tier-1 connectivity provider with our end-to-end media ecosystem.
Use CasesUse cases of Tata Communications’ Media Entertainment Services
Remote Production SolutionsMedia contribution, preparation and distribution are highly capital-intensive for producers of live TV and video content, and their workflows are complex.
Media Cloud Ecosystem SolutionsThe Tata Communications media cloud infrastructure services offer the basic building blocks for a cloud infrastructure-as-a-service.
Global Contribution & Distribution SolutionsTata Communications’ global contribution and distribution solution is built to reduce capital outlay and grow global footprint.
Satellite Alternative SolutionsAs more and more consumers choose to cut the cord & switch to internet-based entertainment options, broadcasters are faced with capital allocation decisions.
LeadershipA look into the pillars of Tata communications who carry the torch and are living embodiment of Tata’s values and ethos.
Culture & DiversityHere at Tata Communications we are committed to creating a culture of openness, curiosity and learning. We also believe in driving an extra mile to recognize new talent and cultivate skills.
OfficesA list of Tata Communications office locations worldwide.
SustainabilityTata Communications adopts a holistic approach and harnesses the power of new-age technologies like 5G, IoT and AI to build a sustainable digital world.
FAQCheck out our FAQs section for more information.
BoardHave a look at our board of members.
ResultsFind out more about our quarterly results.
Investor PresentationsFollow our repository of investor presentations.
FilingsGet all information regarding filings of Tata communications in one place.
Investor EventsAll investor related event schedule and information at one place.
GovernanceAt Tata, we believe in following our corporate social responsibility which is why we have set up a team for corporate governance.
SharesGet a better understanding of our shares, dividends etc.
SupportGet all investor related contact information here.
Oracle
Amazon Web Services
Microsoft
Google Cloud
IBM Cloud
Salesforce
Alibaba Cloud
Digital Futures
Smart Cities
Corporate Venturing and Innovation
