Don't Trust Anyone. Verify Everyone
Zero Trust Framework
The post-pandemic period has brought in a 'new normal' of a remote workforce. With the growth of the digital landscape, mobile devices, third-party apps, cloud deployments and IoT devices, perimeter-based security is no longer sufficient and is gradually being replaced by the Zero Trust Model, with identity as the focal point. At its core, the Zero Trust Model works on the basis that, by default, no user is trustworthy. It also rejects the assumption that internal users or machines should be trusted. Implementing a Zero Trust model within an IAM framework enables organisations to provision access to users anywhere.
Before provisioning a user with access to the network, systems and data from any access point, the Zero Trust Model establishes the user's identity up front.
Making Identity the Foundation for Zero Trust
The stages of Zero Trust IAM Strategy
Stage 0: Fragmented Identity. Clients at the beginning of their Zero Trust journey typically have a mixture of on-prem and cloud-based applications that are not integrated, causing IT to manage multiple identities across multiple systems.
Stage 1: Unified IAM. To mitigate the security gap caused by disparate identities, clients in Stage 1 of Zero Trust should consolidate identities under one IAM solution. Along with SSO and Adaptive MFA, unified access policies across applications and servers join IAM together into a secure system for IT to manage.
Stage 2: Contextual Access. Clients in Stage 2 of the Zero Trust journey add context-based access policies to their IAM solution. This means gathering behaviour analytics about user context, application context, device context, location and network, in order to apply policies based on informed context.
Stage 3: Adaptive Workforce. In the last stage, clients extend their IAM focus on authorising and authenticating access. Authentication no longer happens only at the front door, but continuously, through an adaptive, risk-based assessment to identify potential threats.
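The Stage 2 and Stage 3 ideas above, as an added example that is not part of the original page or of any IAM product: each request is scored from user, application, device, location and network context, and the decision is repeated on every request rather than only at login. The signal names, weights and thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessContext:
    user: str
    app_sensitivity: str   # application context: "low" or "high"
    device_managed: bool   # device context
    country: str           # location context
    network: str           # network context: "corporate", "home", "public"
    mfa_age_minutes: int   # minutes since the last successful MFA

# Constructed policy data; a real deployment would derive these from analytics.
USUAL_COUNTRIES = {"alice": {"GB"}, "bob": {"GB", "DE"}}
NETWORK_RISK = {"corporate": 0, "home": 20, "public": 30}

def risk_score(ctx):
    """Stage 2: combine context signals into one score (weights are assumed)."""
    score = NETWORK_RISK.get(ctx.network, 40)  # unknown network scores highest
    if not ctx.device_managed:
        score += 30
    # A user with no recorded history is treated as being in an unusual place.
    if ctx.country not in USUAL_COUNTRIES.get(ctx.user, set()):
        score += 30
    if ctx.app_sensitivity == "high":
        score += 10
    return score

def decide(ctx):
    """Return 'allow', 'step_up_mfa' or 'deny' for a single request."""
    score = risk_score(ctx)
    if score >= 70:
        return "deny"
    # A recent MFA satisfies a medium-risk request; a stale one is challenged.
    if score >= 30 and ctx.mfa_age_minutes > 15:
        return "step_up_mfa"
    return "allow"

def evaluate_session(requests):
    """Stage 3: re-evaluate on every request, not only at the front door."""
    return [decide(r) for r in requests]

# Constructed session: the same user, with context degrading mid-session.
SESSION = [
    AccessContext("alice", "low", True, "GB", "corporate", 5),
    AccessContext("alice", "high", True, "GB", "home", 60),
    AccessContext("alice", "high", False, "FR", "public", 60),
]

if __name__ == "__main__":
    for ctx, verdict in zip(SESSION, evaluate_session(SESSION)):
        print(ctx.network, ctx.country, verdict)
```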
Holistic Approach to Zero Trust
Zero Trust People
Enforce user access with SSO and MFA.
Apply least privilege policies.
Think beyond passwords to biometrics, tokens, Auth-0 related solutions.
Zero Trust Networks
Embed segmentation policy within networks.
Track user generated traffic through web gateways.
Implement next-gen Firewalls based on Zero Trust to enhance security controls in the cloud environment.
Establish a holistic cloud governance process.
Monitor workload configurations.