A MATTER OF TRUST

VIBIN SHAJU, PRESALES DIRECTOR, EMEA ENTERPRISE, MCAFEE, ON WHY WE MUST GO BEYOND ZERO TRUST TO SECURE TODAY’S DIGITAL ENVIRONMENTS

As cloud migration and new-normal business models continue to complicate security matters, it is little wonder that zero trust has once again become a hot topic among the region’s technologists. A survey from the first half of this year shows 72% of organisations worldwide are examining the viability of zero trust or have already implemented it. And as part of its 2021 Cyber Resilience report, Abu Dhabi-based Digital14 recommended that the UAE “adopt a zero-trust architecture... to avoid prohibitive financial and reputational costs”.

But given current circumstances — in which under-resourced security teams do battle with a burgeoning threat landscape behind a growing attack surface — zero trust alone may not be enough.

The fact that zero-trust security is also known as “perimeterless” security may be counterintuitive, but having a digital open door means we save on resources. We have now come to accept that getting attacked is not a matter of “if” but “when”, so why expend compute capacity and labor trying to prevent the inevitable? Instead, by allowing everything in (and adopting the position that trust itself is a vulnerability), organisations take an important first step in achieving the kind of safe environment that allows them to focus on innovation instead of constantly doing battle with malicious infiltrators.

True Zero Trust

In the first four months of 2020, McAfee saw a 600% increase worldwide in the use of cloud collaboration services and cyberattacks seemed to mirror this surge, with some estimates putting the increase in incidents at 630%. The UAE saw a 250% increase in cyberattacks in 2020, with the country’s cybersecurity chief citing remote work as a major catalyst. And Saudi Arabia was subjected to 22.5 million brute force attacks in 2020 on remote desktop protocols.

If we continue to build security postures in which we assume we have caught everything before it enters our environments, then malicious processes gain a “trust” status upon breaching the perimeter and have freedom to roam. Zero trust makes no such assumptions, but its original model focused on networks. Today, this approach may be too limited, and since many are still in the process of implementing zero trust, it would be a pity if they were to successfully reach the end of a project journey only to find that their efforts are insufficient to meet the demands of the modern threat landscape. Enter “True Zero Trust”.

True Zero Trust — which we should acknowledge is not a new concept — starts with data, eliminating the concepts of “user” or “endpoint” to replace them with a view of the environment in terms of traffic flow. The start and end points of that flow can be laptops, desktops, and servers or they can be IoT sensors, software containers, and virtual machines.

A needs-first approach

And so, instead of thinking about the user, device or process that is looking for access, True Zero Trust concentrates on the assets that need protecting. Applications, data, and services do not need to be accessed by everyone and everything. At this point, organisations must ask who needs access to what? To maintain business agility, the answers to this question must be allowed to change at a moment’s notice, so real-time visibility of the data environment is critical.

This expanded vision of zero-trust security is tailor-made for the IT challenges of today, where users, endpoints, and applications can reside anywhere — not just regionally but globally. Remote workers use unvetted personal devices to access digital assets. And it is not always possible to predict the various networks through which sensitive data will travel as it makes its way from corporate-controlled storage to the employee and back again.

True Zero Trust accounts for the multi-location, multi-network model, while maintaining the flexibility required to allow businesses to get along in the new normal. Employees cannot be restricted to a subset of tasks simply because they are geographically or architecturally removed from the corporate hub. True Zero Trust allows for the operation of unknown endpoints without taking chances on their pedigree.

Zero trust breeds trust

True Zero Trust spans users, data, identities, networks, and more. It merges happily with a range of tools to accommodate policies without compromising on stack performance or business operability. And it allows security teams to remediate threats across the entire environment.

While many have yet to look into zero-trust security, it will be impossible for regional organisations to ignore, given extant realities. Employees will expect to be able to work from home at least some of the time, and customers will expect seamless service all of the time. The complexity of the environments required to deliver on these expectations cries out for organisations to go beyond zero trust to True Zero Trust.

Digital transformation is continual. As new technologies emerge, new use cases emerge alongside them. In the GCC region, 5G may be the next such emergence, carrying with it yet more complexities that attach themselves to the IT stack. True Zero Trust is a vital component of any threat posture that hopes to match the pace of ongoing change.
