Home Zero Trust security will be key in the new normal
 

Keywords :   


Zero Trust security will be key in the new normal

2020-11-09 20:49:52| The Webmail Blog

Zero Trust security will be key in the new normal nellmarie.colman Mon, 11/09/2020 - 13:49   This time last year, I was planning an overseas vacation to Mount Fuji in Japan. Prior to booking that trip, I had met with a large traditional insurance organization to discuss the merits of cloud security. The organizations IT structure had been the same for the last 15 years, powered by on-premises server infrastructure. The teams position was firm: Why fix something thats not broken? The team was most skeptical about data security in the cloud. Outside of the organizations walled garden, they didnt believe it was possible to ensure data confidentiality and integrity. However, despite their apprehension, they agreed to start their cloud journey over the course of the next few years.      Adjusting to a new normal [Because of COVID-19], we saw two years of digital transformation in two months. Satya Nadella, Microsoft CEO   Fast forward to 2020. COVID-19 has challenged the norms for organizations around the world. From an IT standpoint, weve also been forced to work differently. Where choices had been a balance of doing it right versus keeping the business afloat, COVID tipped the balance toward staying afloat. As a result, businesses were forced to make unprecedented, risky changes in an instant. COVID-19 was a major shock for traditional enterprises. For many, continuity planning had only been theoretical and never properly tested. The walled garden security strategy finally broke, creating a hindrance in this new normal. VPNs were suddenly overwhelmed, causing significant usability problems. The traditional enterprise is in a better state today, but not without drastic and potentially risky changes to their security stance.   Now a good chunk of your critical assets are behind the firewall, but all of your employees are not. Christopher Kenesssey, NetMotion CEO   Businesses that were well into executing on their cloud strategy pre-COVID-19 are faring better than those that werent. This is because those businesses had the opportunity to strategize and prepare for the new normal before it arrived. As IT teams around the world pivot toward remote and distributed services, a new model of security is needed. The Zero Trust security strategy is best aligned to provide security across environments.   What is Zero Trust security? Never trust, always verify. The view of Zero Trust security is that we should not trust anything inside or outside of our system perimeters. The strategy enforces the lowest common denominator of trust zero.  As we begin to blur the boundaries between trusted and untrusted, Zero Trust security becomes more relevant. Not owning your cloud-based infrastructure or having end-users connect via untrusted, BYOD devices means not trusting anything without verification users, devices or systems. Contrast this against the traditional walled garden or perimeter approach, where a clearly defined firewall perimeter exists between trusted and untrusted. People, data or systems in the perimeter are considered trusted and anything outside of that is untrusted. Traditional security approaches simply dont work in a world where cloud and remote services are now the rule, not the exception.   Zero Trust security principles Zero Trust security is a strategy, a mindset and an incremental journey for IT security. While there are technologies and products to help with achieving Zero Trust, it is not a specific technology or product. Instead of a rip and replace of your current IT security, Zero Trust augments and enhances your current security strategy.  The key principles of Zero Trust security are: Verify explicitly: Authenticate and authorize based on all available data points (identity, location, device health and an AI/ML derived behavior baseline). Use least-privileged access: Provide just-in-time and just-enough access to the user. Assume breach: Constantly think about breach scenarios including post-breach attacker lateral movement, and work to prevent these scenarios. For example, ensure end-to-end encryption between sessions, leverage micro segmentation, and maintain security analytics to provide a deeper view of threats.   A comprehensive Zero Trust security strategy applies those principles to provide end-to-end protection across your IT components and digital estate, including: Identities: People and services accessing the system. Devices: Devices used to access services, such as BYOD devices. Applications: Applications and APIs that consume services. Data: Information that sits in parallel with applications. Infrastructure: Platforms that provide the environment to host these components (cloud VMs, servers or containers). Networks: Links that allow these components to interact.   Start your Zero Trust security journey We were lucky enough to go on our Japan holiday before COVID-19 took over the world. On that trip, my wife, an avid snowboarder, convinced me to try snowboarding. I thought that I would hate it due to my poor hand-eye coordination.  We started on the beginners slope, where my wife taught me how to turn and stop. Though it initially felt counter-intuitive, I managed to keep my feet locked on the board and maintain my balance. Soon after, we transitioned to more advanced skills like flat-spins and small jumps. It was great! I quickly transitioned to more advanced courses on the slopes. The Zero Trust security journey follows a similar path of learning, practice and confidence. Start with a specific use case within your organization and rethink it in the context of Zero Trust security. Slowly expand your approach across more use cases to increase the maturity of Zero Trust in your organization. How do you rethink security architecture and processes in the context of Zero Trust security? Start by taking our free, online Cybersecurity Risk Self-Assessment to uncover common security gaps in minutes.   Zero Trust security will be key in the new normalTo best protect the increasing numbers of remote users and devices, organizations need a Zero Trust security posture. Read on to find out what that means and where to start. Know your cybersecurity risk score. /node/21749Take the assessment

Tags: new key security normal

Category:Telecommunications

Latest from this category

All news

11.12Het Waterlaboratorium Haarlem kiest voor Omikron CallHelp
11.12Hoge School Leiden kiest ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12Hoge School voor de Kunsten Utrecht kiest ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12Holland Casino Enschede gaat ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV OproepSysteem
11.12Hoogeerd Restaurant Niftrik gaat ook voor een draadloos Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12Hoogheemraadschap Hollands Noorderkwartier Edam kiest voor Omikron CallHelp Bedrijfshulpverlening BHV Oproep Systeem
11.12HCR t' Hoogt Utrecht kiest Omikron CallHelp
11.12Hooipolders Diervoeders Den Hoorn kiest Omikron CallHelp
Telecommunications »
22.12Weekly Recap: Costco to Change Diaper Suppliers, BCNonwovens Acquires Atex USA Inc. & More
22.12Wind hits festive travel as Heathrow cancels flights
22.12Elon Musk's curious fixation with Britain
22.12Valencians struggling to recover from devastating floods
22.12'Worst place I've lived': Vulnerable left in unsafe homes
21.12Smithfield, HD3 Farms sign agreement for independent pork production
21.12This Week in Agribusiness, December 21, 2024
21.12Weekly Recap: AkzoNobel, Rodda Paint Top This Weeks Stories
More »