In a recent interview with SafetyDetectives, Andrius Buinovskis, the head of product at NordLayer, delves into the nuances of modern cybersecurity and how NordLayer is carving a distinct niche in this competitive arena. With over two decades in the IT industry and a profound passion for cybersecurity that began in 2015, Andrius leads NordLayer’s product development with a keen focus on market demands, client needs, and robust technical innovation. His approach is not just about advancing technology but also fostering a team environment where confidence and empowerment are key to tackling security challenges. Under his leadership, NordLayer emphasizes simplicity in deployment, excellence in service performance, and the highest quality of support—factors that distinguish them in a sea of generic solutions. As the cybersecurity landscape evolves, NordLayer remains committed to enhancing protective measures and ensuring seamless and secure user experiences.
Can you please introduce yourself and talk about your role at NordLayer?
I started my journey in the IT field more than 20 years ago, and I’ve been interested in cybersecurity since 2015. Today, as the head of product at NordLayer, I drive our development agenda by constantly exploring the market, understanding our clients’ needs, and assessing our technical capabilities. More importantly, I focus on building confidence within our product team members, empowering them to tackle complex security challenges and transform our discoveries into additional layers of protection for our clients.
How does NordLayer differentiate itself in the crowded market of cybersecurity solutions?
Terms like “easy to deploy,” “service performance,” and “support quality” are commonly used in this industry. However, for us, they represent more than just words. They are the foundations of our solution.
Our cloud-based approach eliminates the need for hardware, streamlining user provisioning and enabling centralized policy enforcement. This ease of deployment is key, simplifying the implementation process for organizations of all sizes. Furthermore, our bare-metal servers and the proprietary NordLynx protocol, built on WireGuard®, ensure top-notch service performance, delivering unmatched speed and security.
While many providers claim to offer excellent support, at NordLayer, we back it up with numerous positive reviews across various channels. Our dedicated support team is always available to assist our customers, ensuring their peace of mind and addressing any concerns promptly.
Additionally, our Smart Remote Access feature solves the challenge of accessing resources behind mobile access points without static IP addresses. This solution provides secure and seamless access, regardless of the resource’s location or network configuration.
Could you elaborate on the core principles of zero trust network access (ZTNA) and how NordLayer implements these principles?
The core principles of zero trust network access revolve around the idea of continuous verification and least privileged access. Instead of inherent trust based on network boundaries, ZTNA dictates that access requests should be constantly validated against multiple contextual factors before granting access.
These core tenets include verifying the user’s identity through strong authentication methods, ensuring the device used meets security compliance standards, analyzing the context like geographic location for potential risks, and strictly limiting access privileges to only what is absolutely required.
NordLayer implements additional authentication measures to verify user identities. For instance, it enables organizations to check if devices comply with predefined security rulesets before granting access. Additionally, NordLayer allows controlling access based on the user’s geographic location, ensuring resources can only be accessed from approved countries or regions. With teams, gateways, and a cloud firewall, IT managers can perform access segmentation, ensuring users and devices can only access specific authorized resources.
Secure access service edge (SASE) is becoming a buzzword in the cybersecurity space. How does NordLayer align with or contribute to the SASE model?
SASE was introduced in 2019 by Gartner, and within it there are two parts — networking and security. Later in 2021, Gartner introduced SSE as the segment detached from networking and focusing on security while using a regular network.
NordLayer’s product suite falls squarely within the SSE segment, with our offerings revolving around secure web gateway (SWG), zero trust network access (ZTNA), and firewall-as-a-service (FWaaS). These are the core security components of the SASE framework, designed to provide comprehensive protection and secure access for today’s distributed workforce and cloud-based resources.
What challenges do businesses typically face when transitioning to a zero trust security model?
One of the primary challenges is the precise rethinking of their security needs in the context of their environment, data, and users. This crucial step forms the basis for a proper implementation that does not conflict with existing or legacy systems and does not drastically compromise productivity.
Another significant challenge lies in choosing the right product that aligns with the company’s current needs and fits within their budget constraints. It’s essential to select a solution that can seamlessly integrate with the organization’s infrastructure and workflows.
During the implementation phase, businesses may face resistance from employees or administrators who need to adapt to new security protocols and behaviors. Proper implementation should aim to minimize disruptions to productivity, but some level of change is unavoidable as ingrained habits need to be modified.
After the initial implementation, constant maintenance, monitoring, and adjustments are required to keep the zero trust security model effective. Companies rarely operate in a static environment, with new employees joining, others leaving, and the introduction of new devices and technologies. The zero trust model demands continuous adaptation to these dynamic changes within the organization.
By acknowledging and addressing these challenges proactively, businesses can smoothly transition to a zero trust security model, ensuring robust protection without compromising productivity or creating unnecessary friction for users and administrators.
Looking forward, what are some of the key trends or innovations in cybersecurity that NordLayer is focusing on?
We recognize that effective cybersecurity requires a layered approach to mitigate threats effectively. It involves not only technical service capabilities but also intuitive, easy to understand, centralized and precise configuration based on best practices of cyber security.
First, we are continuously expanding our security offerings by adding additional layers of protection. Second, we are investing in enhancing network monitoring and observability features within our platform. Our goal is to empower organization administrators with greater visibility and control over their security configurations. As the cybersecurity landscape continues to evolve rapidly, our commitment at NordLayer is to stay ahead of the curve.