Security technology has always been a critical concern. But most enterprise security executives don’t need to focus too much of their attention on technology because there are so many excellent solutions out there, such as the robust security and compliance tools built in to the Microsoft platform.
But what CISOs, CSOs and CROs do need to worry about is people and process. Thanks to a COVID-forced flood of new remote sites and multiplying endpoints—including IoT—authentication and identity issues are far more critical in today’s environment.
Many sensitive business operations are moving out of headquarters locations, which means that knowing with a high degree of confidence who is attempting to access enterprise assets has jumped to mission critical status.
Zero Trust is one of the topics Edgile will discuss with Microsoft at Inspire this year.
Properly deployed robust security authentication lays a solid foundation for enterprise-wide Zero Trust. And strict Zero Trust, in turn, requires constant observation (typically AI-based) with periodic reauthentication. With Zero Trust, no part of the system is allowed to assume that this user must be OK just because the user previously passed an identity check.
Zero Trust is hardly a new concept. It has been on the nice-to-have list of enterprise security executives for years. But the tidal wave of new endpoints—associated with the plunge in the number of connections from within HQ buildings—has significantly elevated its relevance. Because this new remote way of doing business is also impacting the enterprise’s partners and customers, Zero Trust impacts compliance as well as security and is the only security foundation that can work effectively in a work from home world.
One of the many troubling aspects associated with the surge in remote sites is that more system interactions are taking place beyond the immediate IT and Security controls. IT and Security still control access, which is why identity is so much more important today. But employees, contractors, partners and customers—in short, anyone with privileged access to your systems and data assets—have more ways to unintentionally get into trouble.
Although workers may be more comfortable and relaxed in home settings, the non-secured mechanisms all around them, including consumer-level WiFi, IoT devices that have never been examined or properly configured, and children engaged in unsafe practices such as downloading games with malware, make it a very dangerous way to conduct business from a cybersecurity perspective.
This is why Zero Trust is now a must-have.