Interviews

Zero-trust mindset

by Mark Rowe

Hank Schless, recently made Director of Global Campaigns at cyber firm Lookout, considers secure data collaboration in the post-pandemic world.

In recent years, our approach to working has drastically changed due to the global pandemic, which has accelerated remote and hybrid working and the adoption of new technologies within enterprises. While this new style of working offers employees more flexibility, it has become challenging for security teams to keep up with the continuously evolving attack surface within their IT infrastructure. Traditional perimeter security is no longer sufficient to protect enterprises from malicious attacks and can limit their employees’ ability to collaborate effectively while also protecting their data.

In the post-pandemic world, many organisations have embraced the progressive shift towards adopting cloud and SaaS applications to boost productivity, efficiency, and collaboration within their teams. However, it has become critical for enterprises to ensure that a comprehensive security strategy is in place alongside the adoption of these applications, so that the applications continue to serve their purpose. Security strategies often outline areas of concern for the enterprise, including the critical element of data protection. An effective data protection strategy can enable organisations to standardise the security of sensitive corporate information to ensure the privacy of customers and employees, as well as the company’s assets. Thus, it is imperative for organisations to change their mindset and approach towards data security, not only for protection purposes but also to strengthen their cyber security posture to embrace these changes safely and securely.

Leaning into the new tech normal

The increase in the adoption of new devices and remote workers within enterprises can be associated with the continuously evolving concept of shadow IT: the deployment of IT devices, software and services which are outside the ownership or control of the organisation. As a result, enterprises have restricted visibility of their infrastructure, which impacts their ability to respond effectively to vulnerabilities, threats and risks. However, rather than fighting against the lack of control, now is the time for organisations to embrace these changes and work towards taking the appropriate measures to identify and manage these devices to protect their data against the risks posed by shadow IT. For instance, security teams may benefit from identifying the most popular app used amongst their employees, running a security review and approving the use of that app within the organisation. Reintroducing the app, with authorisation, enables the organisation to regain control of its data and encourages its employees to continue working flexibly and without any restrictions. However, this process would require the deployment of a security solution that can detect when data is being moved to unsanctioned apps. Additionally, the same principles can be applied to organisations that offer a bring-your-own-device (BYOD) program or let their employees work using external networks, with the assistance of endpoint security, to extend the same freedom and control.

Key ways to approach and manage data protection

Managing and protecting data has become incredibly complex for modern enterprises, particularly those that have moved away from traditional perimeter networks and adopted cloud and hybrid infrastructures. Previously, businesses were operating on-premises, and information was stored in data centres confined by a corporate perimeter. This made it easier for companies to understand how their data was being used. However, as the security perimeter has now expanded, companies have limited context about where their data is used, stored and accessed across the many apps and unmanaged devices from outside networks. While some organisations may resort to locking down their data to stay secure, this method would be ineffective as it prevents easy accessibility for employees, hindering their work and productivity. Instead, enterprises need to establish a middle ground that uses contextual information to preserve the security of the data while ensuring that it stays accessible to the people who need it. This can be achieved by investing in solutions that offer modern data loss prevention (DLP) and advanced enterprise digital rights management (EDRM), which will help to identify, protect, and manage data successfully within a complex environment. However, legacy DLP and EDRM solutions are not sophisticated enough to cope with today’s data complexity issues. Therefore, organisations must replace their legacy systems with more effective solutions to ensure their data is protected from unauthorised users or suspicious activity.

Be aware of insider threats

While it’s essential for security teams to identify risks to their data from external adversaries, the same efforts should be applied to threats that can occur from inside the network. Insider threats are insidious and considered one of the most significant risks to modern enterprises. Internal attackers operate within your network, have access to critical systems and assets and use familiar devices, which makes them incredibly difficult to detect. A successful internal attack can wreak havoc on an organisation’s network and computer systems. Yet security teams are already inundated with an overwhelming backlog of work, leaving little capacity to tend to internal threats. To counter this, organisations can rely on user and entity behaviour analytics (UEBA) to assist with detecting insider threats without the additional workload. The UEBA cyber security process monitors user behaviour and can effectively identify patterns and detect abnormalities from those patterns, to stop attacks in their tracks before they can create significant damage.

Ultimately, building an effective risk management strategy requires the adoption of a zero-trust mindset. The zero-trust approach secures an organisation by requesting verification from all users trying to gain access from inside or outside the network, with the enforcement of continuous validation throughout every stage of the process. Zero-trust has become prominent as its methodology has revolutionised how enterprises have historically been approaching network security up until now. Investing in unified solutions such as a data-centric security service edge (SSE) platform, which combines the capabilities of secure web gateway (SWG), cloud access security broker (CASB), zero trust network access (ZTNA) and endpoint security with advanced data protection, can help an organisation adopt a zero-trust mindset. Furthermore, organisations could benefit from investing in a cloud security platform that offers more control over their data and user flexibility to encourage user productivity from any work location. Ideally, enterprises could invest in an all-encompassing solution that uses advanced DLP, EDRM and UEBA to provide full visibility and control over critical data without hindering user productivity, enabling a successful zero-trust approach.
