Worldwide spending on cybersecurity is approaching $200 billion a year, yet organizations still face a near-constant barrage of cyberattacks. What’s more, those that are successfully hacked or breached are likely to be attacked again — repeatedly. A Vanson Bourne study found that organizations reporting a breach during the previous year were subsequently hit with roughly 30 more attacks.
Given the inadequacies of conventional measures, industry analysts suggest most organizations should transition to zero-trust cybersecurity practices. The zero-trust model essentially assumes that everyone and everything accessing network resources is a threat until their identity has been verified and validated.
Zero trust represents a departure from perimeter-based defenses that use firewalls, access controls and other security tools to create a barrier between the public Internet and the private network. Perimeter defenses represent a classic castle-and-moat approach to security — deny access to malicious outsiders in order to protect trusted insiders. But these defenses become less and less effective as organizations increase their dependence on mobile, cloud and remote resources that exist outside the firewall.
A zero-trust approach assumes there are malicious actors both inside and outside the network. It doesn’t replace perimeter security but augments it with a variety of tools designed to verify the identity of every user, validate every device and limit access on a need-to-know basis. Core zero-trust technologies include identity and access management (IAM), multifactor authentication (MFA), real-time user verification, device validation, privilege limitations and network segmentation.
Because zero trust isn’t a single product or technology, many companies assume implementation will be a difficult, expensive and time-consuming process. However, it doesn’t have to be a forklift upgrade. Instead, you can take an iterative approach, deploying and integrating core technologies over time.
Cisco, for example, recommends a phased approach to implementing its industry-leading zero-trust framework. A great place to start is with Cisco Duo, a multifactor authentication (MFA) solution that verifies the identity of users and the health of their devices before granting them access to applications. Here are five important ways that Duo lays the groundwork for zero-trust security:
- User verification: Duo enforces two-factor authentication before granting access. When users attempt to log in to corporate resources, the easy-to-use, cloud-based tool generates a second authentication factor, typically in the form of a phone call, text or a code from the Duo app.
- Device verification: Duo’s Device Insight collects information about users’ devices as they authenticate. It automatically flags any devices that are out of date, jailbroken or otherwise out of compliance with security policies. It also tracks versions of operating systems, browsers and plugins.
- Policy enforcement: Duo allows you to set up and manage detailed access policies in minutes via a simple, intuitive administrator dashboard. You can customize policies for different users, devices, locations and many other contextual factors.
- Frictionless access: Duo’s single-sign-on feature creates an easy and consistent login experience. Users can log in to a single, MFA-protected dashboard to gain access to all of their applications, whether they are on-premises or in the cloud.
For decades, network security was designed to create a barrier between trusted users, devices and apps and the outside world. That doesn’t fit with modern workstyles that require more fluid movement between public and private networks. Give us a call to learn more about the zero-trust model and the supporting technologies that provide a new focus for network security.