1

We should Learn How To Zero-Trust

Извините, этот текст доступен только на “Английский” и “Украинский”. For the sake of viewer convenience, the content is shown below in one of the available alternative languages. You may click one of the links to switch the site language to another available language.

Any CISO will tell you one of the biggest issues they face is insider threats — particularly in large organizations where sensitive data is plentiful and easy to take.

 

With the growing number of cyberattacks and data breaches, businesses are swiftly approaching more robust security mechanisms. And zero trust architecture is one of them.

 

Don’t trust anything, because if we trust nothing, we’re more likely to prevent bad things from happening.

 

Zero trust can be defined as the security concept based on a belief that enterprises shouldn’t automatically trust any device or individual, whether inside or outside its perimeters and should strictly verify everything before granting access.

 

In a nutshell, zero trust relies on the principle of “don’t trust anyone.” This architecture cuts all access points until proper verification and trust are established. No access is provided until the system verifies the individual or device demanding access to the IP address, instrument, or storage.

 

This strategic initiative helps prevent data breaches as the concept of trusting anyone is eliminated, even if the access request is from within the network. Hence, implementing zero trust architecture ensures the highest level of security and mitigates the risk of a data breach or unauthorized access.

 

Implementing a zero-trust architecture in today’s era is crucial since cybercriminals are exploring new ways of breaching organizations’ security. Moreover, in a post-covid world, where remote working has swiftly become the new routine, identity thefts and unauthorized access are creating big hurdles for enterprises.

 

Hence, it’s crucial for organizations to think outside the box and not just rely on conventional security mechanisms, including multi-factor authentication. Zero trust architecture has become the new normal.

 

But how can enterprise security architects go from that broad, overriding philosophy to a workable, adequate protection against insider and other threats?

 

  1. Identity:

Employees must use enterprise-managed identities to access the applications they use in their work. Phishing-resistant MFA protects those employees from sophisticated online attacks.

 

To ensure properly controlled privileged data access, enterprises must employ risk-based access by taking a holistic view of users and gaining a deep understanding of their responsibilities and authorities, as well as having the ability to verify user identities when they attempt to access data. They must also implement strong enterprise-wide authentication practices and consolidate the means of authenticating to as few department-managed identity authentication systems as practicable. This improves insights into “normal” user activities, enables better detection of abnormal behavior, facilitates more effective security policies that limit unnecessary access, and enables quick detection and action against anomalous behavior.

 

  1. Devices:

Enterprises must maintain a complete inventory of every device it operates and authorizes for business use so they can prevent, detect, and respond to security incidents on those devices.

 

  1. Networks:

Enterprises must encrypt all DNS requests and HTTP traffic within their environment, and begin executing a plan to break down their perimeters into isolated environments.

 

  1. Applications and Workloads:

Departments within enterprises must treat all applications as internet-connected, routinely subject their applications to rigorous empirical testing, and welcome external vulnerability reports.

 

  1. Data:

Create a clear, shared path to deploy protections that make use of thorough data categorization and security responses, focusing on tagging and managing access to sensitive structured, unstructured, and semi-structured documents.

 

Enterprises should leverage whatever cloud security services are available to monitor access to their sensitive data, and implement solutions that enable enterprise-wide data visibility, logging, and information sharing.

 

The road to a zero trust model is long and rarely aligned with the traditional cybersecurity strategies to which we have grown accustomed. The good news is, the more goals you can achieve that lead to a real zero trust model, the better you will be at mitigating security risks to your enterprise

Related Posts

card__image

Роль человеческих ошибок в кибербезопасности и чего ожидать в 2023 году?

В течение следующего года многое из того, что мы видим, будет продолжением уже знакомых многим тенденций. Это означает:   ПРОГРАММЫ-ВЫМОГАТЕЛИ ЭВОЛЮЦИОНИРУЮТ:   До тех пор пока враждебные страны поощряют злоумышленников, а те продолжают атаковать организации-жертвы, продолжающие выплачивать выкупы, не стоит ожидать, что программы-вымогатели скоро исчезнут. Скорее всего, злоумышленники будут использовать все больше инноваций, чтобы опережать […]

card__image

Угрозы для государств, рост атак нулевого дня: Microsoft Digital Defense Report 2022

Недавно Microsoft опубликовала отчет о цифровой защите за 2022 год, в котором представлен текущий ландшафт угроз, анализ первой решистско-украинской гибридной войны, текущее состояние киберпреступности и предоставлены рекомендации по успешной защите от будущих угроз.   Государственные хакерские группировки становятся все более весомой угрозой, поскольку они все чаще атакуют объекты критической инфраструктуры и быстро используют уязвимости нулевого […]

card__image

QA Тестирование и тестирование безопасности: почему лучше делать это вместе

Качественное программное обеспечение, приложение или продукт являются результатом высоко ориентированной на процесс функции качества (QA) в жизненном цикле разработки программного обеспечения (SDLC — Software Development Life Cycle). Однако иногда это рассматривается как дополнение, поставляемое в конце, чтобы проверить все аспекты продукта или программы перед тем, как предоставить ее для общего пользования или конечного потребителя.   […]

Добавить комментарий

Ваш адрес email не будет опубликован.