In years past, cybersecurity professionals approached their work with a strong focus on the network perimeter. Everything inside the network was presumed to be trusted, while everything outside the corporate firewall was a potential threat. This approach has not withstood the test of time, and organizations now find themselves operating in a threat landscape where it is quite likely that an attacker already has a foothold on their network through a compromised system, vulnerable wireless connection, stolen credentials or other means.

The customers I work with every day understand the realities of the new threat landscape and are looking for security solutions that help combat this rising threat. I believe that the strongest approach to security in this new environment is adopting a zero trust philosophy. Under this model, we make no assumptions about trust — other than the assumption that no user or device is trusted until they have proved both their identity and their authorization. With this new mindset in place, we then explore five adaptations of the customer’s security controls to better support a zero trust approach.

1. Segment the Network

Proper network segmentation is the cornerstone of a zero trust architecture. Organizations must segregate systems and devices according to the types of access they allow and the categories of information that they process. These network segments can then serve as the trust boundaries that allow other security controls to enforce the zero trust philosophy.

2. Enhance Identity and Access Management

The second prerequisite for implementing zero trust is a strong identity and access management infrastructure. The use of multifactor authentication provides added assurance of identity and protects against credential theft. Deploying role-based access control allows applications to limit access in a manner that enforces the principle of least privilege.

3. Implement Least Privilege at the Firewall

Least privilege also applies to networks. After building out network segments, cybersecurity teams should lock down access between networks to only traffic required to meet business needs. For example, if remote offices do not need direct communication with each other, that access should not be allowed by default.

4. Add Application Context to the Firewall

Modern firewalls go far beyond the simple rule-based inspection of years past. Cybersecurity teams should add application inspection technology to their existing firewall deployments, ensuring that traffic being passed over a connection bears appropriate content. For example, application context controls can verify that outbound Domain Name System traffic actually corresponds to queries and responses and is not being abused by an attacker to stealthily exfiltrate sensitive information.

5. Log and Analyze Security Events

Security requires insight, and insight requires information. Cybersecurity analysts can do an effective job only if they have a consolidated view of security events gathered from systems, devices and applications across the organization’s network and cloud services. Using a security information and event management (SIEM) solution allows for the rapid correlation of massive quantities of security information and provides analysts with a centralized view into that data.

These five steps will help organizations get started with their journey to a zero trust architectural model that can best adapt to evolving cybersecurity threats, both on-premises and in the cloud. I encourage cybersecurity professionals and technology leaders to take stock of their current environments and identify opportunities to enhance their security controls.

Want to learn more about how CDW solutions and services can help your organization meet evolving security challenges? Visit CDW.com/Security.

This blog post brought to you by:

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.