This is the perfect convergence of events for zero trust to take center stage in the world of cybersecurity: the rise of hybrid and remote work, the ongoing shift to cloud services, the continued growth of mobile devices in the workplace and the onset of complex attacks that can affect entire supply chains.
Organizations have never faced so many challenges in protecting their data resources, and they have never needed to be more suspicious of users and devices trying to access their networks. The zero-trust model, with its basic concept that users, devices, applications and even networks should not be trusted by default – even if they are connected to an authorized network and even if they have been verified before – is well suited to today’s typical IT environment.
There is simply too great a risk that an outside entity trying to gain access will actually have malicious intent. Too much is at stake to trust anyone or anything. One of the more noticeable effects of the transition to zero trust is the realization that traditional virtual private networks (VPNs) are no longer fully capable of providing remote access to corporate networks.
An organization’s distributed workforce may have access to strictly regulated customer data through local or cloud-based customer relationship management and enterprise resource planning systems. These users may also need access to sensitive commercial intellectual property – all from personal devices.
Organizations need an effective way to protect and authenticate these users, and unfortunately traditional VPNs are struggling to cope with the traffic congestion that working from home generates.
Tanium’s research has found that congested VPNs were the second biggest security challenge for organizations moving to a distributed workforce. Legacy VPN issues not only threaten traffic security, but also contribute to the growing risk of security threats associated with endpoints.
When the pandemic hit and organizations were forced to allow many employees to work from home, they relied on VPNs to support their distributed workforce, but with less than stellar results. Although VPNs are familiar to many users and are already used for remote access, they are not ideal security tools for so many users who rely on devices that are in many cases less secure than they might be.
VPNs will not provide adequate protection against threats to home networks. In addition, companies with a significant mobile or hybrid workforce will need to maintain a significant number of VPNs, which can be a burden on IT management and maintenance.
Targeting zero trust
To provide truly secure access for a large number of remote workers, organizations need to think beyond VPNs and fully embrace the zero-trust model of cybersecurity.
Zero-trust strategies and tools make it easier for security teams to secure access to applications because they offer more detailed access controls and users do not receive shared permissions. Access rights are specific and require constant verification.
The term “zero trust” is widely used in the cybersecurity market and can mean different things to different people. If done correctly, this approach should consider three things: the user’s credentials, the data the user is trying to access, and the device (endpoint) that the user uses to gain access.
By combining the least-privilege principle with a modern approach using contextual access, multi-factor authentication (MFA) and network access, businesses can maintain a more flexible security model that works well with a remote workforce and a cloud-heavy environment.
They can reduce the attack surface and ensure that sensitive data is only available to users who need it in an approved, validated context. This serves to reduce the risk.
Device validation is one of the keys to a successful zero-trust strategy, and since remote work is a major part of end-user access today, the posture of the device is extremely important. Devices are in many cases the new “perimeter” within organizations, and their validation allows organizations to protect against stolen credentials or even stolen devices that cybercriminals can use to gain access to networks.
That is why practicing strong endpoint management is such an important part of the zero-trust approach. Without accurate real-time endpoint management, organizations cannot enforce or verify device posture as a prerequisite for access. Authentication alone cannot guarantee that a device is secure.
The right tool can allow security teams to constantly check the posture of the device against policies and ensure that the zero-trust approach truly trusts no one, even after the identity and access policies are in place. Ideally, organizations should be able to integrate new zero-trust solutions with the tools they already use so that they don’t have to start from scratch.
Key components of zero-trust practice should include:
- Device compliance monitoring and enforcement to confirm the security posture of the device and enable security teams to take action if something goes wrong.
- Identity and access management to authenticate users and check their access against role-based rules.
- Network access controls, including restricting access to resources in network segments based on the identity of the user and the device used.
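
The three components listed above can be evaluated together on every request, so that a device verified earlier is not trusted once its posture data goes stale. The following Python is an added example, not code from the article or from Tanium; the roles, resources, segment names, posture attributes and the 15-minute freshness window are assumptions chosen for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed sample policy (hypothetical names): which resources each role
# may reach, and the network segment that hosts each resource.
ROLE_RESOURCES = {"sales": {"crm"}, "finance": {"crm", "erp"}}
RESOURCE_SEGMENT = {"crm": "seg-apps", "erp": "seg-finance"}
MAX_POSTURE_AGE = timedelta(minutes=15)  # assumed freshness window


@dataclass
class Device:
    device_id: str
    disk_encrypted: bool
    patched: bool
    last_checked: datetime  # when endpoint management last verified posture


@dataclass
class Request:
    user: str
    role: str
    mfa_passed: bool
    device: Device
    resource: str


def decide(req: Request, now: datetime) -> tuple[bool, str]:
    """Return (allow, reason). Every check runs on every request."""
    # 1. Identity: the user must have completed MFA for this session.
    if not req.mfa_passed:
        return False, "mfa_required"
    # 2. Least privilege: role-based rule for this specific resource.
    if req.resource not in ROLE_RESOURCES.get(req.role, set()):
        return False, "role_not_authorized"
    # 3. Device posture: compliant, and verified recently enough to rely on.
    d = req.device
    if not (d.disk_encrypted and d.patched):
        return False, "device_noncompliant"
    if now - d.last_checked > MAX_POSTURE_AGE:
        return False, "posture_stale"
    # 4. Network: grant only the segment that hosts the requested resource.
    return True, f"allow:{RESOURCE_SEGMENT[req.resource]}"
```

Valid credentials and MFA do not override a failed or outdated device check, which is the difference from a VPN login that grants network-wide access once authenticated.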
The concept of zero trust can seem negative – even paranoid: trust nothing, whether it’s devices and other endpoints, applications, networks or people. However, what the model really shows is that organizations work in uniquely challenging times and a lot is at stake when a data breach or ransomware attack occurs.
More people work remotely, often using their own devices and networks. Companies are relying on cloud services more than ever. The attacks have become more complex and can affect whole supply chains.
Organizations need to take the initiative to ensure that valuable data resources are always protected and to ensure that users and devices trying to access their networks are not harmed.
Executing a zero-trust strategy is a really effective way to achieve this level of security. Learn how Tanium can help.