
Are organisations ready for Zero Trust?

25 Nov 2019

Article by Forescout Asia Pacific and Japan systems engineering senior director Steve Hunter

Today’s enterprise environments rely heavily on cloud-based services and infrastructure, which effectively erase the network perimeter.

Workloads, data, and the workforce itself are mobile and need agile security.

Users also demand more access options to more accounts, data, and resources.

Concurrently, the volume and diversity of devices connecting to network resources overwhelm traditional endpoint management.

Because many of these devices, such as visitor devices, bring-your-own-device (BYOD) systems, Internet of Things (IoT) devices and operational technologies (OT), don’t or can’t run corporate management agents, security teams may be blind to many of the devices on their networks, unable to identify their users, assess their security state, or control their activities.

These systemic failings of perimeter-focused security led Forrester Research analysts to develop Zero Trust as an alternative.

Zero Trust assumes that any person or device with access to an organisation’s data is a threat to the enterprise and thus advises organisations not to trust anything.

Instead, a Zero Trust approach verifies the user and the user’s device (or the device alone when it is not a user device, such as a printer or camera) and then, every time, restricts access to the minimum level required for the task at hand.

This policy is strictly enforced through intelligent access control and network segmentation.

Despite its clear benefits, very few organisations have turned the concept of Zero Trust into a security practice.

One example of a Zero Trust strategy is the goal of discovering and classifying 100 per cent of the devices that connect to the network (not just those with endpoint agents installed and operational) and strictly enforcing a least-privilege access policy based on a granular analysis of the device, user identity and authorisations, software stack, configuration compliance, and security state.

To enforce a restrictive access policy, organisations need to be able to see, assess, and control everything on the network.

According to Forrester analyst Chase Cunningham, “Visibility is the key in defending any valuable asset. You can’t protect the invisible.

“The more visibility you have into your network across your business ecosystem, the better chance you have to quickly detect the telltale signs of a breach in progress and to stop it.”

Forescout has identified three key areas that organisations should examine to improve their visibility position for Zero Trust:

1. Agentless discovery of any device. Employ a combination of agentless active and passive methods to discover all of the devices on an organisation’s extended, heterogeneous network, from campus and data centre to cloud and OT networks.

2. Continuous visibility and policy-based device control. Use a real-time policy engine that draws on asset intelligence to continually assess devices against policies that enforce expected behaviour.

3. Customisable device intelligence for security operations and incident response. Security operations teams lack a comprehensive view into connected devices and their classification, connection and compliance context. With the right platform, organisations will have a consolidated view of their device landscape and compliance status across the extended enterprise.

Ultimately, to get ready for Zero Trust and ensure its success, organisations need total visibility.

They can achieve this with a comprehensive device visibility and control solution that can see and control hosts that conventional endpoint management systems can’t.

This will let them reach the goal of being able to discover and classify 100% of the devices that connect to the network.
