Rise of the Zero Trust Model: How cyber security prevention is changing for a hybrid work future
Garth Sperring
General Manager, Networks - Specialist in Wide Area Network and Security Design
Hybrid working is predicted to be a permanent fixture for business and a continuing challenge for IT departments. In the Asia Pacific region, 65% of businesses have more than half of their employees working remotely[1].?
With cyber security attacks increasing in frequency and ferocity, the IT security sector is having to adapt and defend at lightning speed.?
This is particularly clear when you consider threats for some organisations have increased more than 70% in the past eight months.
What is the Zero Trust Model?
Built around the principle of “never trust, always verify”, the Zero Trust Model is a defensive security strategy at the edge.? It assumes that nothing can be trusted and everything must be checked. This assumption applies not only to initial access but also within the network.?
In this approach, users need to prove they have the right to be granted network access and once they’re in, users should only have access to the systems or data areas that are absolutely necessary.? For example, if you don't invoice contractors as part of your job, you shouldn't have access to the billing platform.
This idea of segmenting data and/or application access into “zones” or “areas” reduces the risk of data breaches by limiting the amount of data any one employee can access. In the case of phishing or ransomware attacks, hackers will only be able to steal a section of data, instead of compromising everything.
A good analogy for this is to think about the difference between having an oil tanker with a segmented hull, and a tanker that has a single storage space. If the segmented hull is breached, you only lose a portion of the oil. It’s still catastrophic, but the damage is far less than if you were to lose the full 100%.
This model is an effective way of managing user access to data and helps with mitigating sophisticated phishing attacks.
Why is this approach to cyber security prevention on the rise?
The Zero Trust Model has been around for nearly a decade, but the IT and cyber security communities are making this more of a priority in their strategies, as global workforces move to remote working. In the current landscape, adopting a more defensive position simply makes sense.?
The sheer volume and the shifting styles of attacks are making it increasingly difficult for businesses to accurately identify friend from foe. Asking users to identify themselves each time they initially access, and at intervals during work sessions, is a far better protection method.
Working from home has introduced too many variables for traditional systems to cope with. Some of the biggest risks are unfortunately from employees, and completely outside the control of IT departments.?
For example,?
Using unencrypted WiFi connections that simply aren’t built with security in mind.
or
领英推荐
Allowing the use of personal devices. They may be convenient but generally won’t be up-to-date with antivirus software and may have unregulated apps.?
Building a secure perimeter is simply not enough to stop hackers from accessing your data.? Zero Trust is one of the most effective ways for organisations to control access to their networks, applications, and data.
How SASE supports the Zero Trust Model
The perfect partner for working with a Zero Trust Model is Secure Access Service Edge (SASE).?
Relatively new, SASE is a unified platform that simplifies secure access to critical resources and networks. This more streamlined model allows your IT team to easily connect and secure networks and users.
Both SASE and Zero Trust are defensive security strategies, so they align in the ways each of them provides security, creating an environment that is geared around data access controls and visibility.
Benefits of this approach include:
Using SASE to overcome the security challenges of having applications and data in a mixture of data centres and in the cloud and Zero Trust to verify traffic to the secure environment, you build a framework that is focused on defensive security?
Preparing for the future
When approached in the right way, Zero Trust and SASE can protect critical data systems, simplify user access without compromising effectiveness, and ultimately enhance productivity.?
It’s tempting for businesses to move quickly to increase the strength of their cyber security strategies and invest in secure technologies, but it is critical you don’t just “jump in”.? Make sure you set aside the time to talk to your IT teams or providers to define the specific requirements, what type of solution will best suit your needs, and what is an achievable timeframe for implementation.
References