Zero Trust Plus Zero Touch Equals Exponential Benefits
By: Mohie Ahmed
Apps are increasingly moving to the cloud, especially as more and more people are working remotely and expect to access them from anywhere, any time, on multiple devices. Despite that, the way enterprises secure access to applications has largely remained unchanged, as they are still focused and dependent on the corporate network perimeter.
The new reality is that there is no longer a “physical” perimeter. In fact, the perimeter is now defined as the people who access networks and cloud applications.
Because of this, more attention is being paid to the “Software Defined Perimeter” (SDP) and supporting that, enterprises are investing in new security architectures to manage the expanding SaaS portfolios they have in place, and the related sprawling attack surface.
This is where ZERO TRUST comes in.
The principle of least privilege (PoLP), which is also known as the principle of least authority, has been an essential aspect of IT security for many years; the most mission-critical enterprises have been embracing the concept behind “zero trust” for decades. It is not a “product” or “platform” per se, but it is a security framework based on the model of “trust no one.” User trust is not granted until the user can be authenticated and authorized. The history of the zero-trust journey coincides with the mass adoption rate of mobile devices and devices connected to the Internet, including computers, IoT, APIs, applications and services that require access to the corporate network.
As the world became increasingly mobile, users were no longer connecting from their computer at the office and began using their own personal devices (BYOD or bring your own device). With the new technology came new security breaches, including zero-day vulnerabilities, which revealed weaknesses in token-based 2FA solutions. This heightened the enterprise IT team’s focus on preparation for zero-day attacks.
The evolution of zero trust forces us to think beyond the firewall and expand the perimeter to anywhere, to ensure protection from stolen or lost credentials, and to protect access to all applications.
81% of breaches target identity through phishing and spear phishing of compromised credentials. Establishing user trust eliminates an incident before it happens.
We appreciate Forrester’s Zero Trust eXtended (ZTX) Ecosystem, which has evolved into a holistic approach to securing data, network, workforce, workloads, and workforce with “monolithic perimeters” into a series of micro-perimeters or network segments to apply granular security controls around them. Here are three pillars:
- Zero Trust Workforce: Authenticate users and continuously monitor and govern their access and privileges
- Zero Trust Workloads: Enforce controls across the entire application stack, especially connections between containers or hypervisors in the public cloud
- Zero Trust Data: Secure and manage data, categorize, and develop data classification schema, and encrypt data at rest and in transit
This is all good, and Ironsphere’s solutions address Zero Trust inherently.
But where does Zero Touch come in?
To configure and manage state-of-the-art Zero Trust framework, especially for large, complex global enterprises, like those we are honored to serve, is hard. It is impossible without Privileged Task Automation, which we have pioneered in the industry.
Ironsphere’s Privileged Task Automation Manager simplifies and automates daily routine tasks and provides a smart programmable interface that supports pre-check, execute, post-check, and roll-back steps.
- Visual, flexible, agile platform for troubleshooting automation.
- Combine automated scripts and IT tasks with human interaction.
- Improves incident management process and reduces down-time.
- Enables error-free configuration changes and eliminates potential service outages.
- Granular control. Delegates tasks to users instead of delegating privileges.
- Reduces operational costs and improves operational efficiency.
- Automates repetitive and routine tasks.
- Schedule tasks to augment after-hours workforce.
- Centralized visibility of business processes and workflows.
- Easy to integrate other IT systems through a restful API and adapter-based approach.
- Schedule and execute tasks based on monitoring and performance-driven events and alerts.
- Orchestration and automation of IT processes that require multi-system integration.
- Workflow-based network configuration and execution with sophisticated validation.
- User and workflow-based activity logging and executive reports.
- Multi-level and multi-type authorization scenarios with role-based access management.
- LDAP, TACACS+, RADIUS, and Local User-based authorization and authentication scenarios.
- Device discovery for detailed equipment inventory and multi-vendor support.
- Adapter based protocol support including SSH, TELNET, SNMP, XML, NETCONF, JDBC, RESTFUL.
When you combine Zero Trust with Zero Touch, you get excellent security coverage without drops in productivity, using software to also ensure precise, efficient, and effective protection. You can learn more about Ironsphere’s PTA here.
As Cyber Attacks Grow, Data Center Operators Can Bring Value-Added Services to Enterprises Leveraging Cloud-Based Access Management Services
No threat facing businesses today has grown as fast, or in a manner as difficult to understand, as the danger from cyberattacks. Cyber threats are increasing in both volume and sophistication, and as the world continues to become more digital with every passing day, cyber threats will only keep growing in both aspects. As a result, organizations today are turning to robust cybersecurity solutions, such as Privileged Access Management (PAM), to keep both their data and their customer’s data safe.
Privileged Access Management as a Service: An Exciting new Value-Added Service for Data Center Service Providers
Given the increasing complexity of compliance, and the growing risk of data breaches, even as public cloud, hybrid cloud, and multi-cloud solutions are being implemented, businesses of all sizes need support in protecting what they connect, and many count on their data center providers for guidance and solutions.
How Secure Are VPNs? Given Increasing Successful Attacks, It’s Time to Take a Hard Look at PAM for Zero Trust Solutions
Since the early 1990s, VPNs (Virtual Private Networks) have been central to providing remote users with access to the corporate network.
Thirty years later, in 2020, when legislation and population health initiatives mandated work-from-home, bad actors recognized and acted upon their massive opportunity to attack VPNs and initiate data theft and ransomware attacks as applications, in the heat of the moment, moved outside the traditional perimeter.