Digital Trust and Zero Trust: What’s the best approach?
When it comes to digital trust, zero-trust is on the top of the list for most organizations, especially those that have been dealing with remote and hybrid working employees. While digital trust is often achieved when an organization can provide a sufficient amount of security and privacy for its data and employees, maintaining visibility, in the long run, is still crucial.
As zero trust looks at every connection on the network, a key component of it is having identity security on almost every connectivity to the organization. Today, there is a myriad of identity security tools available that can advocate businesses towards achieving digital trust. However, reports have shown that implementing identity trust continues to be a hassle for most businesses.
To understand more about how organizations can achieve digital trust through a zero-trust approach via identity security, Tech Wire Asia speaks to Budiman Tsjin, Solutions Engineering Manager for ASEAN at CyberArk.
What is identity security? Is it similar to a zero-trust approach?
Identity Security is a core set of capabilities that enables organizations to secure the access of human and machine identities to an organization’s assets and data while enforcing the least privilege and enabling Zero Trust. it focuses on securing individual identities throughout the cycle of these identities accessing critical assets, making it a core tenet of the zero-trust approach. This means authenticating credentials accurately, and then authorizing users with the proper permissions, to access privileged assets in a structured manner – all in a way that can be audited or accounted for.
Zero Trust is not a solution or technology but rather an approach to security based on the principle of “never trust, always verify”. This approach ensures every user’s identity is verified, their devices are validated, and their privileged access is intelligently limited to just what they need – and taken away when they don’t. As the embodiment of this model, Identity Security offers a set of technologies and best practices that are foundational to achieving Zero Trust.
By assuming that any identity – whether human or machine – in a network that may have been compromised, organizations can turn their attention to identifying, isolating, and stopping threats from compromising identities and gaining privilege, before they can do harm.
How can it help organizations improve their cybersecurity protection?
We know that nearly all major cyberattacks follow a similar attack chain:
1) Steal and abuse the identities and credentials to get inside
2) Looking for high-value targets and higher privileged identities and credentials
3) Exploit privileged credentials that provide powerful access to accomplish their goals
Identity-based security controls are critical for detecting and thwarting attacks that have already made their way inside the organization’s infrastructure. With them in place, we can focus on protecting our most valuable assets to prevent data theft and disruption. Without them, we are at risk of a data breach like the major attacks that keep making headlines.
Identity-based security controls protect organizations mainly in two areas:
- The first part of how it helps organizations is to enable access to accounts. Identity Security is used to empower workers and customers with easy, secure access across apps and resources from any device they use, from any location they are at, and at just the right time when they need access.
- Secondly, identity security protects by enforcing privileges to special accounts within an organization. Identity Security platforms include Privileged Access Management (PAM) solutions to address a wide range of use cases to secure privileged credentials and secrets wherever they exist: on-premises, in the cloud, and anywhere in between. PAM is used to continuously discover and manage privileged accounts and credentials, isolate and monitor privileged sessions, and remediate risky activities across environments.
Identity Security also includes Endpoint Privilege Management which is used to enforce least privilege, control applications, and prevent credential theft on Windows and Mac desktops, as well as Windows and Linux servers to contain attacks. Importantly, PAM secures remote vendor access to the most sensitive IT assets with mobile device enrolment and biometric MFA, without the need for VPNs and agents.
With remote and hybrid working still being practiced by some companies, how are the risks evolving?
The general consensus is that flexible working arrangements raise productivity and give employees better work-life balance. However, with employees spread out physically over different networks, the attack surface expands raising organizations’ threat vectors. CyberArk conducted a survey in 2020 and found that 70% of remote employees use unmanaged personal devices to access corporate systems.
More than 90% have reused passwords across applications and devices, while about a third admitted that they allow other members of their household to use their corporate devices for activities like schoolwork, gaming, and shopping, and 37% insecurely save passwords in browsers on their corporate devices.
Workstations are now one of the easiest ways for attackers to compromise identities, launch ransomware attacks, exploit privileged credentials and start moving toward sensitive IT systems and exfiltrate confidential data.
At the start of the pandemic, security decision-makers were focused on making remote work feasible and fast. They revamped Identity and Access Management (IAM) strategies, cobbled together what they had, and accomplished technical feats in tight timeframes. They worked around the clock, made some tough calls, and cultivated unexpected new leadership skills along the way.
Today, these security leaders are turning those rapid response plans into permanent Zero Trust-centred cybersecurity programs.
In the second part of Tech Wire Asia‘s conversation with Tsjin, he discusses more about the challenges businesses are facing when it comes to digital trust as well as the common attack techniques being used.
- Cybercriminals are shapeshifting to evade security controls
- Google Cloud is adding regions in Malaysia, Thailand and New Zealand
- Malware attacks are here to stay and have a new target in its line of sight
- Ensuring seamless tech adoption for financial markets around the world
- Organizations are strengthening their software supply chain security efforts to avoid past incidents