COVID-19 and the ensuing lockdowns altered the course of history. Children looked to their parents to provide advice on how to persevere in trying times. I told my children that something good can come from something bad. The same is true when it comes to security. The dramatic shift to a remote workforce was effectively leveraged by many organizations to enhance their security posture.
We recently received a call from the CISO of a large organization, who asked for CDW’s help. He explained that one of his organization’s competitors had experienced a significant security breach that shut down its operations for several days. An employee in an administrative office had clicked a link on a malicious email that opened the door for a devastating ransomware outbreak.
He said, “I know that we’re well protected against this type of simple attack, but I am still concerned. I’d like to use this incident as the catalyst for improving our own security controls. We need to stay ahead of our adversaries.” He had heard about the effectiveness of zero-trust network architectures and asked about the steps necessary to achieve this objective.
He was in luck. The organization had invested significantly in its cybersecurity program. In fact, it had recently completed a CDW security maturity assessment that helped its IT leaders understand the current state of their operating environment and develop a long-term strategic plan for cybersecurity. They were doing everything right, and this phone call was an excellent example of their proactive approach to security.
The Elements of a Zero-Trust Approach to Security
Zero-trust network architecture is a lofty goal for a cybersecurity program. The intent is to shift all trust relationships away from endpoints and devices and instead rely on strong authentication and identity-based access decisions. There are six core components to building the foundation for a zero-trust approach.
Multifactor authentication is the cornerstone of zero trust. MFA solutions give you confidence that your users are who they claim to be, and that confidence is what allows the organization to make informed access control decisions.
Data backups protect the organization from catastrophe in the event of a security incident. In response to a ransomware attack or other integrity attack, organizations with solid backup strategies can revert to a known good state and recover their operations as quickly as possible.
Privileged access management solutions allow organizations to enforce the principle of least privilege across all sensitive accounts. From system administrators to senior executives, PAM technology incorporates an added layer of security for the organization’s most sensitive users.
Cloud security posture management allows organizations to extend their security policies into the cloud services that users and IT professionals rely on every day. These services offer a myriad of security configuration settings, and CSPM technology allows teams to stay on top of a rapidly changing environment.
Next-generation endpoint protection solutions move beyond simple antivirus software and allow organizations to perform behavioral monitoring at the user and device levels, quickly spotting any aberrations that might indicate malicious activity. When such activity is detected, NGEP platforms can automatically isolate suspect systems to prevent an infection from spreading.
Network access control technology serves as the backstop for all of these measures. As zero trust seeks to move trust relationships away from devices, NAC prevents unauthorized systems from even getting on the network. It’s an important component of a layered defense.
As we wrapped up our conversation, I advised the CISO that a zero-trust approach is a philosophical shift for a security program and that he’d need to work hard to bring his team along for the ride. They shouldn’t approach this change as a one-time project but rather as the beginning of a cybersecurity journey.