The roadmap continued - Pillar II - Device


Here's to a happy and more secure New Year! May this coming year be the one where organizations ramp up their cyber safety measures - 'cause goodness knows we need it.

This is part VII of the ZTA series. If you have not already done so, please bookmark the series so you can get to past and future vlogs.

To secure any modern organization, a comprehensive device inventory is essential for safeguarding against potential vulnerabilities and attacks. The inventory should include every device allowed on the organization's networks, both organization-owned and personally owned (BYOD). Those devices should be secured with an advanced zero trust architecture that employs visibility and analytics, automation and orchestration, and governance, while strictly preventing access from unauthorized sources.

Such preventative steps are integral to protecting organizations in this age of digital transformation, where IoT devices play an increasingly critical role within existing IT infrastructures. Here's how the various aspects of ‘Device Security’ fare in the roadmap paradigm:

Compliance Monitoring:

Traditional: Organization has limited visibility into device compliance.

Advanced: Organization employs compliance enforcement mechanisms for most devices.

Optimal: Organization constantly monitors and validates device security posture.

Data Access:

Traditional: Organization’s access to data does not depend on visibility into the device that is being used to access the data.

Advanced: Organization’s access to data considers device posture on first-access.

Optimal: Organization’s access to data considers real-time risk analytics about devices.

Asset Management:

Traditional: Organization has a simplified and manually-tracked device inventory.

Advanced: Organization uses automated methods to manage assets, identify vulnerabilities, and patch assets.

Optimal: Organization integrates asset and vulnerability management across all agency environments, including cloud and remote.

Visibility and Analytics Capability:

Traditional: Organization’s device management relies upon manual inspections of labels and periodic network discovery and reporting.

Advanced: Organization reconciles device inventories against sanctioned lists with isolation of non-compliant components.

Optimal: Organization continuously runs device posture assessments (e.g., using endpoint detection and response (EDR) tools).
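The Advanced level above, reconciling a device inventory against a sanctioned list and isolating what does not comply, can be sketched as follows. This is an added example, not code from this article or from any roadmap document; the record fields, MAC addresses and the three posture checks (minimum OS version, disk encryption, running EDR agent) are assumptions chosen for illustration.

```python
# Constructed sample data: sanctioned inventory keyed by MAC (hypothetical schema).
SANCTIONED = {
    "00:1a:2b:3c:4d:01": {"owner": "corp", "min_os": (14, 2)},
    "00:1a:2b:3c:4d:02": {"owner": "byod", "min_os": (17, 0)},
    "00:1a:2b:3c:4d:03": {"owner": "corp", "min_os": (11, 0)},
}

# Constructed discovery results, as a network scan or EDR export might report them.
DISCOVERED = [
    {"mac": "00:1A:2B:3C:4D:01", "os": "14.3", "disk_encrypted": True, "edr_running": True},
    {"mac": "00:1a:2b:3c:4d:02", "os": "16.7", "disk_encrypted": True, "edr_running": True},
    {"mac": "de:ad:be:ef:00:99", "os": "10.0", "disk_encrypted": False, "edr_running": False},
]

def parse_version(text):
    """Turn '14.3' into (14, 3) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

def reconcile(sanctioned, discovered):
    """Return (compliant MACs, {MAC: reasons to isolate}, sanctioned MACs not seen)."""
    compliant, isolate, seen = [], {}, set()
    for dev in discovered:
        mac = dev["mac"].lower()  # normalise case before matching the inventory
        seen.add(mac)
        entry = sanctioned.get(mac)
        if entry is None:
            isolate[mac] = ["not on sanctioned list"]
            continue
        reasons = []
        if parse_version(dev["os"]) < entry["min_os"]:
            reasons.append("os below minimum")
        if not dev["disk_encrypted"]:
            reasons.append("disk not encrypted")
        if not dev["edr_running"]:
            reasons.append("edr agent not running")
        if reasons:
            isolate[mac] = reasons
        else:
            compliant.append(mac)
    return compliant, isolate, sorted(set(sanctioned) - seen)

if __name__ == "__main__":
    print(reconcile(SANCTIONED, DISCOVERED))
```

Sanctioned devices that never show up in discovery are reported separately, since an inventory entry with no matching device is a tracking gap rather than something to isolate.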

Automation and Orchestration Capability:

Traditional: Organization manually provisions devices with static capacity allocations.

Advanced: Organization provisions devices using automated, repeatable methods with policy-driven capacity allocations and reactive scaling.

Optimal: Organization’s device capacity and deployment uses continuous integration and continuous deployment (CI/CD) principles with dynamic scaling.

Governance Capability:

Traditional: Organization manually defines and enforces device acquisition channels and establishes and implements inventory frequency policy. Device retirement requires extensive sanitation to remove residual access and data.

Advanced: Organization devices natively support modern security functions in hardware. Organization minimizes the quantity of legacy equipment that is unable to perform desired security functions.

Optimal: Organization devices permit data access and use without resident plain-text copies, reducing asset supply chain risks.
