Organizations are leaning toward the zero-trust model after experiencing multiple enterprise security breaches through employee accounts. This zero-trust approach gives no one an unauthenticated pass when accessing proprietary assets and systems. Its primary method is to view all requests for access as a threat until they successfully pass the relevant identification protocols. Forcepoint’s senior director Jim Fulton explains that zero trust is necessary because of the rise in cloud services popularity. In this article at the Threatpost, Tara Seals clarifies why enterprise security must be zero-trust.
Strengthening Enterprise Security
Fulton adds, “Zero-trust principles are crucial for cloud security, especially for cloud applications that can be potentially accessed from anywhere on the internet.” Since users must authenticate every time they access zero-trust company databases, cybercriminals get fewer chances to infiltrate.
It’s a Cloudy Affair
Applying the zero-trust model to the cloud infrastructure will add several layers to enterprise security. Continuous validation, exclusive permissions, and detection of anomalies in this model should protect companies better. Additionally, a cloud access security broker (CASB) is one of the ‘sensitive applications’ that enhances multi-factor authentication tenfold.
More Visibility But Less Attack Surface
Incorporating the zero-trust approach into your organizational security serves two purposes. It gives you a granular view of the susceptible areas and thereby allows you to reduce those attack surfaces.
How to Ensure Zero-Trust Enterprise Security
The approach cannot be integrated overnight but must be one of the long-term company security goals. Trend Micro cybersecurity VP Greg Young predicts that the mid-sized companies will profit the most from the zero-trust model. But they should start small first. Choose your processes that require minimum effort for implementation or prioritize critical resources. Meanwhile, secure access service edge (SASE) technologies should combine CASB, ZTNA, and secure web gateway functions. This enables SMBs to have a centralized enterprise security control panel.
To view the original article, please visit this link: https://threatpost.com/zero-trust-guide/179377/
