CIOReview
CIOReview | | 9 FEBRUARY - 2023

in different formats: regular, Imax, etc. In the traditional model, you visit a theater and buy a ticket so that you may enter the lobby. You now have full access to the theater, including restrooms and concessions. You can basically walk into any of the theaters. Why? There are no ushers at each theater entry to enforce who can go in or out. Therefore, one could watch multiple movies while only paying one fee. Once in the theater, there is still no checkpoint as to what movie guests are attending, nor whether they are in the right spot for that movie. Again, think of the movie itself as the data. Once in the front door, guests are authenticated to get into the theater because they bought a ticket, allowing access to multiple data sources (movies) without any additional review.

Now, in a Zero Trust environment you still buy a movie ticket and scan it at the door. As a result, you still have access to the general areas. However, when you go to the various theater rooms, someone will check your ticket again to ensure you are allowed into that specific room. But that is not where it stops. Once guests are granted access, an usher comes and verifies that everyone is allowed in by doing a thorough review: are the lights at the proper level, are the exit signs lit, is the projector working, is everyone in the correct seat, and so on. All these factors together now calculate a confidence or risk level. If these factors are all at an adequate level, everyone can continue watching the movie without issue. If there are risks, the theater will prompt an action (trigger a policy) to ensure guests are safe and movies are not compromised in the process. There are many checks, balances and risk factors to consider in a Zero Trust implemented environment.

Now if you think of the above scenarios, traditional vs Zero Trust, picture this as your network's environment and a malicious actor.
A malicious actor would have a much easier time gaining persistence and moving throughout the network (or in this case the theater) while gaining access to multiple data sources than in the Zero Trust scenario.

Reducing risks with Zero Trust

Having access to a network with wireless options provides new functionality that was not available prior to the Covid-19 pandemic. Unfortunately, this new functionality comes at a cost.

Zero Trust is the strategy every organization should be implementing. With its ability to adapt to changes in technology, Zero Trust considers how users interact with their data and secures it so that the right data reaches the right people at the right time. It protects what matters most: the identities and the data. When we talk about identities, don't just think of them as humans; they can be other systems or IoT (Internet of Things) devices as well.

When thinking of Zero Trust I always refer to these principles:

· Trust No One

1. Know your people and your devices
· Validate identity at every step

2. Design systems assuming they are all compromised
· Distrust everything, so when a breach happens you are as protected as you can be

3. Use Dynamic Access Controls
· Access to services must be authenticated, authorized, encrypted at all times, and can be revoked during a session

4. Constantly evaluate risk
· Include context in risk decisions
· Monitor and log in every location possible
· Aggregate log, system and user data
· Right-size protections

5. Invest in defenses based on the classification of data
· Spend more money defending the systems at greater risk

The Zero Trust model identifies all communications as untrustworthy and recognizes that the system can be breached at any time.
Its foundation is built on enforcing the need for:

· Strong identities
· Authentication
· Trusted endpoints
· Network segmentation
· Access controls
· Data segmentation
· User and system attribution to protect and regulate access to sensitive data and systems
· And most important, understanding the data that you are trying to secure

To be 100% secured against all attacks is not realistic, but the Zero Trust mindset implies that the network's security should be analyzed both internally and externally. With most organizations being supported by remote work, there are now different risks. The transfer of information can be compromised if the right steps are not enforced. An organization can customize its security risk with gateways, allowing or revoking access based on individuals' work requirements. Innovative access and authentication policies immediately suggest additional verification. Step-up challenges verify an already-in-place two-factor authentication when a support has been breached.

We have only scratched the surface of Zero Trust in this article and there are certainly different nuances and thoughts on the subject. They are not all wrong, but the more we collaborate and share our thoughts, the better we get at moving towards effective cybersecurity implementations. Good luck on your journey!

Some of the largest security exploits have been within the boundaries of organizations' networks
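
The per-room ticket check, the usher's risk review and principles 3 and 4 above can be sketched as a policy decision that runs on every request. This is an added example, not part of the original article; the class names, signal weights, thresholds and sample identities are all assumptions chosen for illustration.

```python
# Added illustration: every name, weight and threshold here is an assumption.
from dataclasses import dataclass, field

@dataclass
class Request:
    identity: str             # a person, a service or an IoT device
    resource: str
    mfa_passed: bool = True
    device_trusted: bool = True
    encrypted: bool = True
    new_location: bool = False

@dataclass
class PolicyEngine:
    entitlements: dict        # identity -> set of resources it may reach
    sensitivity: dict         # resource -> 1 (low) to 3 (high)
    revoked: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def risk(self, req):
        """Combine context signals into one score (0 = no concern)."""
        return (0 if req.device_trusted else 40) \
             + (30 if req.new_location else 0) \
             + (0 if req.mfa_passed else 30)

    def decide(self, req):
        """Runs on every request, not once at the front door."""
        entitled = req.resource in self.entitlements.get(req.identity, set())
        if req.identity in self.revoked or not req.encrypted or not entitled:
            decision = "deny"
        else:
            score = self.risk(req)
            # More sensitive data tolerates less risk; unknown data counts as high.
            limit = {1: 60, 2: 40, 3: 20}[self.sensitivity.get(req.resource, 3)]
            if score >= 70:
                self.revoked.add(req.identity)   # revoke mid-session
                decision = "deny"
            elif score > limit:
                decision = "step_up"             # ask for additional verification
            else:
                decision = "allow"
        self.log.append((req.identity, req.resource, decision))
        return decision

def demo_engine():
    # Constructed sample data.
    return PolicyEngine(
        entitlements={"alice": {"wiki", "payroll"}, "sensor-7": {"telemetry"}},
        sensitivity={"wiki": 1, "payroll": 3, "telemetry": 1},
    )
```

With the same new-location signal, a request for the low-sensitivity resource is allowed while the high-sensitivity one gets a step-up challenge, and a revoked identity stays denied even when its next request looks clean.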