They say trust is a virtue, but in the world of cyber security the opposite is true.
Businesses are operating in a changed world where there is no traditional network edge. More staff work remotely, and vital systems are hosted in the cloud. This move towards more remote access was already well underway, but the pandemic sped things up dramatically.
As the pandemic unfolded, new remote network architectures and ways of working were put into place almost overnight, but the security solutions required to protect them were not an immediate priority. Even basic security barriers such as having a physical front desk in an office building are no longer a given. The need to take action is pressing – government figures show almost one-third of businesses in the UK had been attacked at least once a week last year.
Now comes the time for organisations to take stock – and a vital approach in protecting how they work is zero trust.
What is zero trust?
Zero trust is a framework with various protocols all designed around one central tenet – that you can assume nothing.
Not everyone logging on to the company system is who they appear to be. And even if they are, they may not have the company’s interests at heart.
More conventional methods of authenticating users like usernames and passwords can be lost or stolen – such as in phishing attacks. So, for these reasons, older security models no longer cut it.
With this in mind, the zero trust framework should have:
A second layer of authentication: Two-factor authentication should be the new normal for all systems.
Restricted access: Users should only be granted access to the systems they need to do their job. This means that if someone does infiltrate a network, their ability to cause damage is contained. If staff do need further access, they should have to request it and it should be time limited.
Audit trails: All access granted should be part of an audit trail, so if any damage is done it can be traced back quickly. Users should be notified they’ve been granted access and that access has been recorded. This puts staff on notice that their movements within the system are being tracked and recorded.
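As an added illustration (not part of the original article and not any vendor's product), the three requirements above can be combined in a single access decision. The AccessBroker class, its method names and the sample users and systems are all hypothetical.

```python
# Added example: default-deny access with a second factor, time-limited
# grants and an audit trail. All names and data here are hypothetical.
from dataclasses import dataclass, field

@dataclass
class AccessBroker:
    baseline: dict                               # user -> systems needed for the job
    grants: dict = field(default_factory=dict)   # (user, system) -> expiry time
    audit: list = field(default_factory=list)    # append-only record of every event
    notices: list = field(default_factory=list)  # notifications sent to users

    def _log(self, now, user, system, event):
        self.audit.append({"ts": now, "user": user, "system": system, "event": event})

    def grant(self, user, system, approver, ttl, now):
        """Record an approved request for extra access; it expires after ttl seconds."""
        expiry = now + ttl
        self.grants[(user, system)] = expiry
        self._log(now, user, system, f"granted_by_{approver}_until_{expiry}")
        # Tell the user the access exists and that it has been recorded.
        self.notices.append((user, f"Access to {system} granted and recorded; expires at {expiry}"))
        return expiry

    def check(self, user, system, mfa_ok, now):
        """Decide one access attempt; anything not explicitly allowed is denied."""
        if not mfa_ok:                           # a password alone is never enough
            decision = "deny_no_second_factor"
        elif system in self.baseline.get(user, ()):
            decision = "allow_baseline"
        elif self.grants.get((user, system), 0) > now:
            decision = "allow_temporary_grant"
        else:
            self.grants.pop((user, system), None)  # discard an expired grant, if any
            decision = "deny_not_authorised"
        self._log(now, user, system, decision)     # denials are recorded too
        return decision.startswith("allow")

def demo():
    # Constructed sample data: one user, two systems, times in seconds.
    b = AccessBroker(baseline={"alice": {"email"}})
    results = [
        b.check("alice", "email", mfa_ok=True, now=0),         # job-related system
        b.check("alice", "email", mfa_ok=False, now=1),        # second factor missing
        b.check("alice", "payroll", mfa_ok=True, now=2),       # outside baseline
        b.grant("alice", "payroll", "bob", ttl=3600, now=3),   # approved request
        b.check("alice", "payroll", mfa_ok=True, now=100),     # within the grant
        b.check("alice", "payroll", mfa_ok=True, now=3604),    # grant has expired
    ]
    return results, b
```

Because every decision is appended to the audit list, including denials and expired grants, the same record also supports the searchable view for security teams discussed in the next section.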
Empowering security teams
There is a plethora of data available to companies now in terms of who is logging on and when, but the challenge comes in making sense of it all. To achieve this, security teams need full visibility so they can easily identify when something looks untoward. This data needs to be easily searchable and understandable.
Once security teams have been granted greater visibility of this data, they should be empowered to take measures to protect the company network. If a user is acting suspiciously or maliciously, the team need to be able to take instant action to disable the threat’s access to company systems. It should also be possible for devices which may be compromised or infected with malware to be disabled at the click of a button, or automatically through pre-set policies.
Ultimately, the concept of zero trust needs to underlie all these actions – the idea that nothing in a cyber security context can be taken for granted, now more than ever.
To find out more about how you can take a zero trust approach visit Cisco’s webpage.