John Stock, product manager, Outpost24, discusses how organisations can improve security by implementing zero-trust models.
In the recently released Verizon Data Breach Investigations Report, it was revealed that 34 percent of breaches in 2018 involved insiders. This is a significant number and while it is hard to tell if the insiders were acting maliciously or unintentionally, it does show the damage unmonitored employees can create.
As a result, it is important that all employees are treated as a possible security threat, as this can help organisations detect ambiguous events much faster and before any real damage occurs. To help achieve this, many of today’s leading organisations are applying zero-trust models across their users and devices to help strengthen their overall security posture. This concern has only increased where companies have embraced the concept of ‘Bring Your Own Device’ (BYOD).
A zero-trust model essentially means organisations are ensuring that every new network device or user passes a trustworthiness test before being allowed access to the network, which inherently reduces the risk of a breach in the first place and reduces the risk of any successful breach going undetected. It essentially banishes trust as a ‘by default’ concept and demands that trust be earned by users and devices before it is given.
If an organisation is validating every device, verifying every user and enforcing granular access permissions to determine the who, what and how of data access, it will then start to win the battle against threat actors both inside and outside its perimeter.
If an organisation thinks about all its assets as being external and internet facing, it becomes clear that all assets will require appropriate levels of security scanning before they can be considered trustworthy. The real beauty of this strategy is that, because the organisation has no inherent trust in anything, security controls can be focused where they can provide the greatest benefit to the organisation.
This saves businesses time and money and improves the overall security posture; that's the zero-trust win-win in a nutshell.
So, considering all the benefits, how can an organisation go about effectively implementing a zero-trust model within its environments?