During the pandemic, Zero-Trust security has become more relevant in the work-from-home (WFH) environment. Read on to learn why the Zero-Trust security model is significant during the pandemic…
In today's world, conventional security controls are challenged by the evolution of cloud-based security and zero-trust security. This is more obvious with an ever-increasing remote workforce as well as mobile and Internet of Things (IoT) devices. With the larger adoption of Artificial Intelligence (AI), organizations have long since outgrown their network perimeter, and the situation has been exacerbated by the prevalence of cloud implementation.
In general, several organizations haven't got the basics of security right, which makes them soft targets for cyber-attacks. To cut down cyber threats, they need to focus on security hygiene, i.e. modernizing IT infrastructure, managing privileged access and privileged identities, patch management, and reducing the attack surface.
In the future, we are going to see an increase in multi-channel attacks that are going to be more difficult to defend against. So we need to move to a built-in security model that is linked to every asset, rather than having security solutions implemented in silos.
Security Challenges of Remote Working
Due to the Covid-19 pandemic, there is a tremendous number of remote workers in organizations who need to access on-premises applications. This has made it more urgent to create a more efficient and secure infrastructure for remote workers.
Today, there is also a greater need to address the security team's concerns about dealing with remote workers who Work From Home (WFH). It is the responsibility of the security team to educate remote workers on the potential security risks and threats. In the WFH ecosystem, there is always the possibility of employees clicking on malicious URLs or phishing sites, accessing inappropriate content on work devices, and connecting to insecure Wi-Fi networks. Hence there is a greater need for secure Virtual Private Networks (VPNs), a need that is likely to stay in the WFH environment.
Zero Trust Model
The solution to the current security crisis lies in organizations adapting to the Zero Trust Model, which allays the fear of falling easy prey to an attacker or being at the mercy of a disgruntled employee.
There are two ways of implementing a Zero Trust environment effectively to align with your security plan based on your organization's goals. The first is the network-centric approach and the other is the data-centric approach, which would serve as a better choice.
In the network-centric approach, two things are noteworthy. The first is micro-segmentation, i.e. dividing the network into smaller areas wherein additional authentication is required to traverse between these areas, and the other is granting least privilege for each asset. But there is a downside when we try to implement the network-centric approach in a large and heterogeneous environment. In this approach, there would be significant cost involved, and visibility of devices would be difficult, especially if we have Cisco and Huawei switches in the LAN environment. Hence the data-centric approach would negate all these practical difficulties.
Traditionally, when a user, DBA or administrator accesses certain data, knowingly or unknowingly, and then tries to access some other data for which they should not be assigned the same privilege, it can be difficult to go in and manually undo some of the controls that exist around user authentication. But in a data-centric approach, if your policy is to authenticate every time a user tries to access that data, then the process is directed to a policy engine that confirms who they are, where they are, what device they're using, or whatever rules the policy establishes. If something isn't right, then access is denied to the user.
The underlying concept of data-centric security is that files and database records need to be protected based on what they contain, rather than where they are located, whether it is within the perimeter or outside it.
Essentially, there can be three ongoing processes surrounding the data-centric approach, namely Data Discovery, Data Classification and Data Protection. These processes check whether new and modified files contain sensitive data, apply visual labels and metadata for appropriate handling, and use encryption, redaction, or other techniques to prevent inappropriate exposure of a file's contents.
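To make the policy-engine and classification ideas above concrete, here is an added example (not part of the original article) in which data is labelled by its content and every request is decided from that label, while the requester's position inside or outside the perimeter is ignored. The labels, roles, country code, pattern and all function names are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass

# Constructed classification rules (assumed): first matching pattern sets the label.
PATTERNS = [
    ("confidential", re.compile(r"\b(?:\d[ -]?){13,16}\b")),  # card-like digit run
]
DEFAULT_LABEL = "internal"  # assumption: unmatched content is never treated as public

# Constructed policy (assumed): conditions a request must meet for each label.
POLICY = {
    "internal": {"roles": {"user", "dba", "admin"}, "managed_device": False, "countries": None},
    "confidential": {"roles": {"dba"}, "managed_device": True, "countries": {"IN"}},
}

@dataclass(frozen=True)
class Request:
    role: str
    authenticated: bool     # authenticated for this specific request
    managed_device: bool
    country: str
    on_corporate_lan: bool  # recorded, but deliberately not consulted below

def classify(content: str) -> str:
    """Discovery and classification: label data by what it contains."""
    for label, pattern in PATTERNS:
        if pattern.search(content):
            return label
    return DEFAULT_LABEL

def decide(req: Request, label: str) -> tuple[bool, str]:
    """Policy engine: default deny, then check who, what device, and where."""
    rule = POLICY.get(label)
    if rule is None:
        return False, "unknown label"
    if not req.authenticated:
        return False, "not authenticated"
    if req.role not in rule["roles"]:
        return False, "role not permitted"
    if rule["managed_device"] and not req.managed_device:
        return False, "unmanaged device"
    if rule["countries"] is not None and req.country not in rule["countries"]:
        return False, "location not permitted"
    return True, "ok"

def access(req: Request, content: str) -> tuple[bool, str]:
    """Every access is decided from the data's label, never from network location."""
    return decide(req, classify(content))
```

An administrator on the corporate LAN is refused the card record while a remote DBA on a managed device is allowed, because the decision follows the label on the data.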
A Brief Conclusion
In conclusion, a data-centric approach is the better choice: it is able to support the security of a remote workforce, counter potential insider threats and keep the management at peace.
K. S. Senthil Kumar, Sr. Manager – MES/INFRA, HYUNDAI Autoever India Pvt. Ltd.