Blog

Enhanced Security Through the Zero Trust Model

2022-01-22 RSS Feed

 

Compu-SOLVE is proud to have so many of our team members “give back” to our communities through volunteerism. Jeff Weicker, our Operations Manager, has been involved with minor hockey in Midland for several years now. This year Jeff is on the coaching staff of the Midland Centennial Bantam U15 boys team, and they are having a very successful season. Coaching our youth is a very rewarding experience, but also extremely difficult. The Covid-19 pandemic has made this even more so, however Jeff and his coaching staff continue to work diligently to provide a safe and fun environment for their players. We congratulate the team on a Silver Stick Championship win!  Hopefully, hockey can resume safely, and the team will be able to represent our area in the International Silver Stick Tournament in February!

The modern workforce is more mobile than ever before. Users and devices can connect from anywhere, so companies must protect them everywhere. Zero trust has become a dominant security model for addressing the changes brought on by mobility and a distributed workforce. John Kindervag, the creator of zero trust, defines the guiding principle as “never trust, always verify.” With the zero trust model, you gain better visibility across your users, devices, networks, and applications because you are verifying their security state with every access request.
 

A zero trust approach can help address common security challenges in the workforce such as phishing, malware, credential theft, remote access, and device security.  Because at the end of the day, hackers don’t care how big your company is; they care how weak your security is. They’re more likely to target the companies with the weakest security, no matter how big or small they may be.
 
Adopting this model provides you with a balance between security and usability. Security teams can make it harder for attackers to collect what they need (user credentials, network access, and the ability to move laterally), and users can get a consistent and more productive security experience regardless of where they are located, what endpoints they are using, or whether their applications are on-premises or in the cloud. Let’s look at the three main pillars to adopt a Zero Trust model for your workforce:

Zero trust requires a user be given access only to the applications they truly need to do their job — and no more. It also requires that user identities be verified using a method like strong multi-factor authentication (or MFA as discussed in our November Newsletter)  to establish that they are who they say they are at every single access attempt. Using MFA and establishing user trust is the first step toward building a zero-trust model and protecting against compromised credentials, phishing, and other password-based attacks. MFA adds a layer of security to access a network, application, or database by requiring additional factors to prove the identity of users.

An organization can mark the devices it has registered and expects to see associated with that particular user as “trusted” whether a device is personally or corporately owned, managed or unmanaged. Under zero trust, devices are checked at every access request to ensure that they meet security parameters and aren’t introducing risk. Devices should also be monitored over time to detect potential threats or anomalous behaviour.

Implement requirements for access based on the sensitivity of the resources and the known security state to manage risk levels appropriately. These policies can range from allowing only corporate-managed devices to requiring certain versions of patched software, encryption, or step-up authentication based on user behavior. By enforcing policies that evaluate risk based on attributes like location, user role, and device type, you can have more dynamic control over who and what can access certain applications allowing only the minimum amount of access required for a user to do their job.

Zero trust is the foundation of our security approach at Compu-SOLVE. Our multi-layered approach includes designating user groups within your organization and provisioning “just enough” access, implementation of MFA with location-based approval, network scanning to detect unusual user behaviour, and much more. This combination of automation, hands on network monitoring and a strong emphasis on security and awareness training within your organization, helps mitigate the risk of bad actors gaining access to your data.

Facebook
Twitter
Website
Instagram
©2022 Compu-SOLVE Technologies Inc. All rights reserved. Privacy Policy