This is the third and final part in a series on zero trust and microsegmentation. Be sure to check out Parts 1 and 2.
The customer relationship used to be circular — you marketed your products to customers, they purchased products, your company provided customer service as needed and then you marketed additional products to continue the cycle. Your company typically operated separately from other companies, especially competitors. Your organization may have occasionally partnered with another, but it was usually in name only or putting the pieces of the offering together at the end. For many businesses, the solution to safely collaborating with other businesses is through zero trust using microsegmentation.
In the first two articles of our series on microsegmentation, we focused on using this strategy as part of a zero trust approach with both internal partnerships and vendors. In this post, we will delve into how to use microsegmentation to more securely work with clients and partners.
Zero Trust: A Tool for Teamwork
Today, working in isolation just doesn’t work. From open-source development to customer-generated content, businesses now work in a much more collaborative fashion. Companies that try to operate in their own lane, separate from customers and other companies, severely limit their growth and opportunities. With digital transformation, companies now have the platforms and processes to enable more teamwork through the entire process.
Business can also focus on working with customers to co-create success, PwC found. The focus of their research was on the world after the pandemic and creating new value for your business. The message will remain relevant long after the pandemic is over. While this kind of teamwork was gaining traction before 2020, pandemic restrictions sped up digital adoption. In addition, companies that may have shared files before or conducted content reviews in person had to create new ‘places’ in which to work.
Learn more on zero trust
Collaborating Through Zero Trust and Microsegmentation
Creating this kind of environment between companies requires providing at least some form of digital access. The days of providing customers visiting your office a simple guest option for wireless is in the past. Now, companies need to ensure their collaboration efforts don’t compromise data or create openings for threat actors. Even though your customers and partners are not likely to be malicious, each user and device that’s given access to your system creates a new endpoint to secure.
Using the same principle used for vendors, you can create microsegmentation so customers and partners only access what they have business reasons to access. You then configure your network landscape with a zero trust security approach. This checks each device and user, starting with the assumption that no user or device is trustworthy until verified.
Understand Customers’ and Partners’ Business Needs
Because the cornerstone of microsegmentation is business need, you should review the person’s role and determine exactly what access they need to accomplish their tasks related to a project. Instead of just thinking about sections of the network, which is the model for the perimeter security mindset, start by considering the workflow and processes. Think about what systems and applications each person needs to access.
Consider using project management or collaboration software for the project to improve communication and workflow. These tools also help limit access while creating a teamwork mindset you need for business success today. However, simply using these types of tools and providing the partner or customer access is not enough. You should use this and microsegmentation together, as part of an overall zero trust approach.
Microsegmentation and Zero Trust as a Standard Practice
Throughout this series, we’ve discussed how microsegmentation fits into zero trust as well as how to walk through the process of choosing the microsegmentation to use. While the approach may seem constricting and cumbersome at first, your team will quickly become used to the new process and mindset. Approach all access decisions from a point of least privileged access and business needs mindset. This way, your team can securely work together and with other valued professionals, including vendors, partners and customers.