Adopting The Zero-trust Security Model: Key Considerations

By Author: appsian
Total Articles: 115
Comment this article

As businesses manage their data across different applications and environments, and users have more access to data at more interfaces, the perimeter of a network becomes porous and less defined. This causes the surface of the threat to expand as the edge becomes untenable.

Cybercriminals are moving beyond the desktop to connected devices to get to your confidential data. It is no longer sufficient for security leaders to protect their networks only on the periphery. A much more comprehensive approach to protecting the company's network and sensitive assets is required as the perimeter lines become blurred, which means focusing on the data itself and adopting a zero-trust security model concerning data access.

Zero-trust is a fundamental shift in corporate security from a failed perimeter-centric approach to one that is data-centric. The traditional security strategy was to incorporate perimeter-based security protections with legal access to data properties and trust insiders in general. Protecting against a compromise is, however, becoming more difficult as networks and applications become more decentralized.

Although ...
... organizations have robust edge security systems in place, incidents from both inside and outside the organization also cause violations. Insider attacks can arise due to a lack of care when handling data or because the sheer number of incidents overwhelms the security teams monitoring sensitive applications. They can be difficult to detect too. Fifty-four percent of organizations have admitted that they continue to ignore security alerts while they are anxious.

The acts of a malicious insider can also cause breaches. The zero-trust paradigm does not place much emphasis on the difference between the insider and the outsider. That is to say, no one is trusted.
In a survey by The Ponemon Institute, a lack of trained security professionals stood out as a major issue. As one of the top reasons as to why they will likely have a data breach, sixty-five percent of respondents reported "insufficient in-house expertise." Sixty percent of respondents were concerned about a breach caused by IoT devices, the survey also found. Sixty-five percent think that they will experience credential fraud because a careless employee is compromised.

Another study found that sixty-six percent of businesses are more likely to perceive malicious internal threats or unintentional breaches than external attacks, with a high percentage finding them more destructive as well. And how do you prevent an infringement from occurring on the inside? Knowing where your personal data is stored is not enough. The zero-trust model means you also know what the data is, who has access to it, and why.

Security practitioners need to take a "cradle to the grave" approach to tracking requests for data access by individuals or devices in order to fully adopt the zero-trust paradigm without influencing whether the request for access originates from within or outside the network perimeter.

Through using data analytics and insight to capture a comprehensive data flow starting from the initial access request, traversing all applications and middleware, and recording what is done with the data and by whom once it is reached, it can highlight unusual trends and flag up potential threats. The zero-trust paradigm reflects a fundamentally new outlook that demands granular visibility into data access across the entire network.

Appsian One of the leading ERP data security,compliance,implementation solutions provider that gives organizations to complete control and visibility over their ERP data.