Securing your data in the era of Zero Trust

Against the complex and sophisticated array of threats in today’s digital landscape, organisations have no choice but to adopt a “zero trust” mindset to keep their data safe. This revolves around maintaining strict access controls and not trusting any users or systems by default - including those already inside the network perimeter.

A zero trust model stands in contrast to the traditional approach to cybersecurity, which fails to curtail attacks caused by:

• Relaxed security on internal networks, which enables an attacker who breaches your network perimeter to launch attacks on other systems or to steal critical data.
• Insider attacks, caused by careless or malicious employees and contractors. These attacks are still on the rise, despite ongoing warnings about the escalating risks on this front.
• Device proliferation coupled with lax BYOD policies as employees connect an increasing number of personal devices to corporate resources.
• The continuing migration to the cloud, including data and applications to the public cloud is blurring the boundaries of the traditional enterprise more than ever.

Against a backdrop of increasingly sophisticated cybercriminals and hackers that seek to exploit the above faultlines, a rise in the number of cyber breaches seem inevitable. As organisations acknowledge that a data breach or security incident is inevitable, a more resilient approach to data security is clearly needed to secure the corporate network.

Initially proposed in 2010 by John Kindervag for Forrester Research, zero trust is a security model envisioned to make security ubiquitous throughout the network, and not just at the perimeter. All network traffic is untrusted under the zero trust paradigm, and all resources must be secured with access control limited and strictly enforced.

We recently partnered with Forrester to gauge the opinions of 164 IT decision-makers, and 58% told us that the network perimeter is so difficult to define that it has become indefensible. The good news is that there is an appetite for change, with 84% of respondents agreeing they need to adjust traditional perimeter-based security strategies.

With a range of infrastructure, applications, and data spread across a hybrid cloud environment, we need the ability to isolate each of these environments with their own security policies. As such, micro segmentation represents a vital step in adopting a zero trust security architecture by dividing the network at a granular level.

This allows security teams to tailor security settings to different types of traffic, and limiting ingress and egress traffic flows to those that are explicitly permitted. The right level of access and inspection can then be applied to workloads based on their sensitivity and value.

Advanced technologies such as AI-powered autonomous things, IoT, and other network-enabled device technologies will benefit from micro segmentation due to their larger attack surface. Not only does micro segmentation offer enhanced visibility and control of network resources, it also enables organisations to minimise disruptions by identifying and isolating threats without having to shut everything down.

Because every organisation’s brand is increasingly built around the trust they can build with their customers, building and maintaining a secure digital environment should be a key strategic priority. Zero trust security is the bedrock your business needs for creating trusted relationships in the digital economy.

About the author:

As the Unisys Vice President Commercial & Financial Services in Asia Pacific, my team and I are passionate about how we can align our managed services and solutions to help you drive growth. If you would like to discuss how we can help your organisation solve complex business challenges with innovative and secure solutions, please feel free to get in touch with me at andrew.whelan@unisys.com.