This is the third and final part in a series on zero trust and microsegmentation. Be sure to check out Parts 1 and 2.

The customer relationship used to be circular — you marketed your products to customers, they purchased products, your company provided customer service as needed and then you marketed additional products to continue the cycle. Your company typically operated separately from other companies, especially competitors. Your organization may have occasionally partnered with another, but it was usually in name only or putting the pieces of the offering together at the end. For many businesses, the solution to safely collaborating with other businesses is through zero trust using microsegmentation.

In the first two articles of our series on microsegmentation, we focused on using this strategy as part of a zero trust approach with both internal partnerships and vendors. In this post, we will delve into how to use microsegmentation to more securely work with clients and partners.

Zero Trust: A Tool for Teamwork

Today, working in isolation just doesn’t work. From open-source development to customer-generated content, businesses now work in a much more collaborative fashion. Companies that try to operate in their own lane, separate from customers and other companies, severely limit their growth and opportunities. With digital transformation, companies now have the platforms and processes to enable more teamwork through the entire process.

Business can also focus on working with customers to co-create success, PwC found. The focus of their research was on the world after the pandemic and creating new value for your business. The message will remain relevant long after the pandemic is over. While this kind of teamwork was gaining traction before 2020, pandemic restrictions sped up digital adoption. In addition, companies that may have shared files before or conducted content reviews in person had to create new ‘places’ in which to work.

Learn more on zero trust

Collaborating Through Zero Trust and Microsegmentation

Creating this kind of environment between companies requires providing at least some form of digital access. The days of providing customers visiting your office a simple guest option for wireless is in the past. Now, companies need to ensure their collaboration efforts don’t compromise data or create openings for threat actors. Even though your customers and partners are not likely to be malicious, each user and device that’s given access to your system creates a new endpoint to secure.

Using the same principle used for vendors, you can create microsegmentation so customers and partners only access what they have business reasons to access. You then configure your network landscape with a zero trust security approach. This checks each device and user, starting with the assumption that no user or device is trustworthy until verified.

Understand Customers’ and Partners’ Business Needs

Because the cornerstone of microsegmentation is business need, you should review the person’s role and determine exactly what access they need to accomplish their tasks related to a project. Instead of just thinking about sections of the network, which is the model for the perimeter security mindset, start by considering the workflow and processes. Think about what systems and applications each person needs to access.

Consider using project management or collaboration software for the project to improve communication and workflow. These tools also help limit access while creating a teamwork mindset you need for business success today. However, simply using these types of tools and providing the partner or customer access is not enough. You should use this and microsegmentation together, as part of an overall zero trust approach.

Microsegmentation and Zero Trust as a Standard Practice

Throughout this series, we’ve discussed how microsegmentation fits into zero trust as well as how to walk through the process of choosing the microsegmentation to use. While the approach may seem constricting and cumbersome at first, your team will quickly become used to the new process and mindset. Approach all access decisions from a point of least privileged access and business needs mindset. This way, your team can securely work together and with other valued professionals, including vendors, partners and customers.

More from Zero Trust

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Does your security program suffer from piecemeal detection and response?

4 min read - Piecemeal Detection and Response (PDR) can manifest in various ways. The most common symptoms of PDR include: Multiple security information and event management (SIEM) tools (e.g., one on-premise and one in the cloud) Spending too much time or energy on integrating detection systems An underperforming security orchestration, automation and response (SOAR) system Only capable of taking automated responses on the endpoint Anomaly detection in silos (e.g., network separate from identity) If any of these symptoms resonate with your organization, it's…

Zero trust data security: It’s time to make the shift

4 min read - How do you secure something that no longer exists? With the rapid expansion of hybrid-remote work, IoT, APIs and applications, any notion of a network perimeter has effectively been eliminated. Plus, any risk inherent to your tech stack components becomes your risk whether you like it or not. Organizations of all sizes are increasingly vulnerable to breaches as their attack surfaces continue to grow and become more difficult — if not impossible — to define. Add geopolitical and economic instability…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today