"Trust but verify" is one of the primary principles of security in a traditional enterprise, where the IT organization is mandated to provide a safe environment while ensuring ease of use and access for employees and devices. However, with the recent explosion in connected smart devices, advancements in technology and software, and the evolution of devices, this approach leaves the company wide open to both insider and outside attacks.
Issues in the traditional approach to device security
With traditional perimeter-based and endpoint security, enterprises protect the entry into and egress from the network, define and group devices and users into subnets/VLANs using a specific set of usually static rules, use authentication mechanisms centered around users, and install agents to detect and prevent malware. These methods, though necessary, are not enough to protect against the threats posed by unmanaged devices, credential misuse, IoT devices, misconfiguration, malicious insiders, and lateral movement of threats once they enter the system. There are many publicly known instances of costly breaches at well-known large enterprises for each of the threats mentioned above, and the number is only increasing each year.
Why Zero Trust is the way to go
Zero Trust is rooted in the principle of "Always verify, never trust". It is designed to address security, access privileges and control in the network by leveraging micro-segmentation and performing granular access enforcement based on user, device, data and location properties.
Zero Trust in a smart device context means that each user, device, data flow, and location should be observed continuously, and that access to other resources on the network should be granted or revoked based on these observations. To do this effectively we need:
- HyperContext®: Deep context about every device, resource and user in and around the network
- Micro-Segmentation: Ability to dynamically micro-segment devices based on the above context and geolocation
- Dynamic Control: Dynamically control the access these devices and users have to other resources in the network, based on context and real-time threat assessment
- Automation: A strong policy engine driven by a combination of a strong understanding of the enterprise's business requirements and automation to handle devices at IoT scale
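To make the four components concrete, here is an added example (not from the original post and not WootCloud's implementation) of a default-deny policy check that derives a device's micro-segment from its current context and revokes open flows when a new observation changes the verdict. The segment names, resource names, context fields and the risk threshold are all hypothetical.

```python
from dataclasses import dataclass

# Constructed policy: resources each micro-segment may reach. Anything absent is denied.
SEGMENT_ACCESS = {
    "corp-managed": {"file-server", "printer", "internet"},
    "iot-camera": {"video-recorder"},
    "guest": {"internet"},
}
RISK_LIMIT = 70  # hypothetical cut-off on a 0-100 real-time threat score


@dataclass
class DeviceContext:
    device_id: str
    device_type: str  # e.g. "laptop", "camera"
    managed: bool     # enrolled in device management
    location: str     # e.g. "hq-floor2", "lobby"
    risk_score: int   # latest threat assessment, 0-100


def assign_segment(ctx: DeviceContext) -> str:
    """Micro-segmentation: derive the segment from current context, not a static VLAN."""
    if ctx.risk_score >= RISK_LIMIT:
        return "quarantine"  # has no entry in SEGMENT_ACCESS, so it reaches nothing
    if ctx.device_type == "camera":
        return "iot-camera"
    if ctx.managed and ctx.location.startswith("hq-"):
        return "corp-managed"
    return "guest"


def is_allowed(ctx: DeviceContext, resource: str) -> bool:
    """Dynamic control: evaluated on every request; unknown segments get no access."""
    return resource in SEGMENT_ACCESS.get(assign_segment(ctx), set())


def reevaluate(ctx: DeviceContext, open_flows: list[str]) -> list[str]:
    """Automation: after a new observation, list the open flows that must be revoked."""
    return [r for r in open_flows if not is_allowed(ctx, r)]


if __name__ == "__main__":
    laptop = DeviceContext("lt-01", "laptop", True, "hq-floor2", 10)
    print(is_allowed(laptop, "file-server"))               # granted while context is clean
    laptop.risk_score = 85                                 # new threat observation arrives
    print(reevaluate(laptop, ["file-server", "internet"]))  # both flows are revoked
```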
In my next blog I will share more about each of these components to implement a Zero Trust approach to device security. As October is National Cybersecurity Awareness Month, I encourage you to rethink your device security strategy and implement a Zero Trust approach.