Cloud Security

Zero Trust takes center stage at EIC 2022

Zero Trust takes center stage at EIC 2022
Written by ga_dahmani
Zero Trust takes center stage at EIC 2022

Taking into account the following increase in cyber attacks and the rise of regulations for data protection and information security, Zero Trust as a foundational framework has gained a lot of traction. In fact, according to a recent researchthe zero-trust security market will reach $51.6 billion by 2026.

The Zero Trust framework is based on the “never trust, always verify” philosophy. It is an approach to IT security that employs the concept of least privilege access, granting an entity only the permissions necessary to fulfill its role or function.

DevOps Connection: DevSecOps @ RSAC 2022

in the recent European Identity and Cloud Conference 2022a panel of security experts discussed the best practices for implementing Zero Trust. They emphasized having an ‘identity first philosophy’ to implement Zero Trust security. Frank Smal, EMEA channel manager at Entrust who manages identity solutions, was part of the conversation. When asked what Zero Trust is, Frank replied that it’s not a one-size-fits-all solution, but rather a strategy to approach security holistically: validate all your users, machines, and transactions; control access with granular policies; and encrypt all data transactions.

It also highlighted how, over time, new threat vectors have emerged due to accelerating digital transformation and changing user preferences. There is a growing remote workforce that accesses business assets from anywhere and from any device. Furthermore, the workforce is not just limited to employees: there are vendors, partners, and third-party teams connected to their systems with different access privileges.

How an identity-centric approach aligns with Zero Trust principles

The most important step in building a Zero Trust ecosystem is establishing a single source of control for your entire ecosystem, both on-premises and in the cloud. This means consolidating into a single identity and access management (IAM) solution, preferably one that offers advanced adaptive authentication for high-assurance security. This IAM platform should enable customers to implement a zero-trust approach by providing user authentication, authorization, and access control to the right resources anytime, anywhere.

To have a modern identity as the foundation of a Zero Trust ecosystem, organizations need to understand that it’s not just about multi-factor authentication (MFA). It is about adopting a systematic approach that involves:

  • Gain buy-in from the leadership team and raise awareness of the change that is about to happen – employee surveys are a good way to do this.
  • Identify weak points in the current security solution and prioritize resolution (no big bang approach, please). Choose relevant use cases first with a fixed scope. Prioritizing the most critical workflows will help generate stronger ROI for your Zero Trust initiative. Also, small victories have a big impact in getting people to join the change.
  • Implement flexible MFA that can be operated seamlessly by your distributed workforce. Eliminate passwords from the authentication process and get contextual access controls to verify users and devices at stake before granting access. And finally, continuously validate and monitor identities during the session
  • Commit to the principle of least privilege: Begin with a review of general user requirements. Try to broadly determine what rights each user needs, and create governance that empowers each user, but limits their access to apps, data, and networks they don’t normally need. Remember, users with too many privileges often lead to violations
  • invest in the correct IAM technology that adapts to the security needs of the company. The solution must be flexible to deploy, fast to scale, easy to integrate, and must efficiently manage identities from a simplified interface for easy monitoring. From the end user perspective, the IAM solution provides users with a seamless method to verify their identities and the devices in use to generate the access request.

To find out more, see how our IAM Solution Can Help You Achieve Zero Trust Security.

The charge Zero Trust takes center stage at EIC 2022 first appeared in trusted blog.

*** This is a syndicated Security Bloggers Network blog from trusted blog written by Madhur Bhargava. Read the original post at: https://www.entrust.com/blog/2022/06/zero-trust-takes-center-stage-at-eic-2022/

About the author

ga_dahmani

Leave a Comment