Tech Journal Perimeter Security and Zero Trust: Securing a Moving Target
By Michael Moore / 27 Jul 2021 / Topics: Networking Modern workplace
By Michael Moore / 27 Jul 2021 / Topics: Networking Modern workplace
At the end of the day, what types of policies do you have in place to ensure that you’re able to mitigate risk quickly?
The past year has been pretty unique. Many businesses faced interesting challenges from the rush to implement work-from-home scenarios and the need to adopt new processes and tools, all while working in a new environment. Regardless of where you sit in your organisation, you’ve probably felt the impact.
Organisations have been walking a tightrope, trying to maintain connectivity and productivity while preserving network security. In the rapid shift to accelerate and expand remote connectivity it’s not surprising that we’ve seen an increase in cybercrime. Malicious actors have seized the opportunity to exploit security gaps and deploy attacks in enterprise environments such as ransomware and other software.
Because of this, it’s important to have security measures in place internally to identify and mitigate attacks not if, but when they inevitably occur. It’s also just as critical to enforce tighter security at the perimeter to prevent these instances and protect your data at the start. And, with data living in a dispersed environment, and the network perimeter no longer fixed, this a vastly multifaceted challenge. That’s where Zero Trust comes into play.
Perimeters were already changing, pre-COVID-19. Organisations were scaling dispersed IT environments as hybrid cloud gained popularity, and remote work has existed for decades now. For many, it’s been some time since the network perimeter was centralised, easily defined and easily defended.
But with the rapid evolution that came with the pandemic, nearly all organisations found their network perimeters exploding as they scrambled to enable and secure remote user devices, data centers and clouds. Enabling remote connectivity directly expands the network perimeter, and everywhere the perimeter expands, security risk follows. Resolving that risk means taking an approach that drives visibility and control across every layer of the network — exactly what the Zero Trust framework helps us do.
Embracing Zero Trust is critical right now, not just to address the security gaps popping up in light of pandemic-related changes, but also to ensure that continued IT transformation delivers maximum benefit and minimum risk. With rapid growth in cloud applications, the intelligent edge, remote and hybrid workplaces, and other technologies enabling flexibility and advanced capabilities, the perimeter is only going to continue evolving. Finding a way to secure this moving target is necessary to keep transformation profitable. The multilayered safeguards in place informed by Zero Trust principles make reliably secure connectivity and data protection possible, even as the perimeter expands and evolves.
As you’re thinking about Zero Trust and the architectures that support that framework, first, consider your workforce: endpoints, contractors, employees and vendors. Then, consider the devices in your network, where they connect from and how they’re connecting. These are crucial elements that your Zero Trust architecture should be considering before providing access to your data and network. Multi-factor authentication is great for this, since it ties access to identity as the trust broker, ensuring only authorised devices, tied to authorised users, access your network.
Next, consider workloads. How are your workloads positioned in your environment? Are they in the cloud, in the data center or somewhere else? For effective security you need to have visibility into how your workloads, processes and backend connections are running for different applications. It’s also important to know how users are connecting to them, regardless of where the workload resides.
A lot of technologies have machine learning and artificial intelligence enabled that can assist to baseline device behaviors and allow you to create policies from that information so that if a deviation is detected, it can be stopped in its tracks. At the end of the day, what types of policies do you have in place to ensure that you’re able to mitigate risks quickly?
The last piece is your actual workplace. Think of everything inside your traditional security perimeter: wired connections, wireless and even VPN connectivity. You need to know how you’re securing every connection within the corporate network, from users to Internet of Things (IoT) technologies. It’s critical to be able to identify and profile every device as it comes on the network before providing network access, rapidly revoking access to compromised devices to limit threats from moving laterally within your environment. This is really challenging without a network access control solution that can handle that kind of network security directly from the edge of your network.
To conclude, as you’re going down the Zero Trust path and looking to implement architectures and solutions that will secure those areas, there are three considerations to prioritise.
First: Ensure visibility. Look for solutions that provide visibility across your entire enterprise environment. Without it, you’re not going to be able to create the policies and control you need for comprehensive security infrastructure and strategy.
Second: Ensure your solutions never assume trust is binary. You need the ability to evaluate and authenticate connections dynamically, with the agility to modify trust when changes in the state of the device or user occurs.
Third: Remember your perimeter is everywhere you’re making access control decisions. You need to be able to make access decisions based on identity and associate a level of trust at each connectivity point in your environment. When you can do that, your perimeter is protected, no matter how dispersed it is.
When you’re ready to take control of your perimeter security, contact Insight. We’ll identify technology solutions and strategies to help you implement a Zero Trust approach and protect your workforce, workloads and workplace — even as your perimeter keeps expanding.