April 13, 2020 By Jesse Sedler 4 min read

For many of us, children are our most critical assets. In order to protect what is important to us, we work hard to know where they are and what they are doing at all times — particularly during those pesky teen years. We also take steps to protect the places where they spend their time. We install cameras, locks and alarm systems to monitor activity and secure the perimeter, helping to ensure our most precious “insiders” can’t exfiltrate themselves from the secure location. These concepts aren’t new; they are simply a product of the world we live in.

It’s no different for organizations trying to protect mission-critical data. Customer information, trade secrets and health records are some of the most sensitive information an organization holds, but too often they are not treated with the same diligence we practice with our families.

Enter Zero Trust

A rise in significant data breaches and an increase in global regulations have the potential to cost these organizations millions in lost business and/or fines. In response, enterprises are starting to implement frameworks that can help mitigate these potential risks with the clear goal of securing their sensitive data. One of these frameworks is Zero Trust.

Zero Trust is a flexible security framework based on the notion of not trusting anyone. Previous security models focused on the IT perimeter, but with the transition to hybrid multicloud environments, the increase in bring-your-own-device (BYOD) models, and the co-mingling of employees and contractors, the perimeter is no longer sufficient. Instead, organizations that use Zero Trust strategies can protect people who need the correct access, secure devices that need to be managed, and implement analytics and response mechanisms to ensure security analysts have full visibility into their environments.

Rethinking the Perimeter for Better Data Security

Data is the foundation for basically everything in an IT environment but is often overlooked for security in outward-facing areas such as endpoints, networks and applications. Using traditional security methods, organizations have built walls around the network and inspect everyone coming in and out, which is not a viable option in today’s enterprise.

Conversely, a Zero Trust framework and architectural approach is characterized by microperimeters (i.e., locking the door to your house then shutting the door to your child’s bedroom) and microsegmentation (i.e., only grandparents and trusted neighbors have keys to the house and the alarm code; the plumber can only enter when you are home). By implementing these two principles, an organization is able to control who has access to what data from what device and on what network.

By taking a Zero Trust approach, the starting point for security architecture needs to come from the bottom and work its way up the IT stack (i.e., applying microsegmentation and microperimeters at the data layer), and then use that information as context as you move to the outward areas of the framework. You can’t build a sturdy, beautiful house without a strong foundation.

4 Steps to Achieve Zero Trust Success

1. Define Trust

The first step in creating your strong framework is creating an inventory of what sensitive data your organization houses and where it resides. Once you know what you have, then you can put rules in place to secure it (i.e., I have two young kids, so I need safety gates by my stairs; I have a teenager, so I need to lock the liquor cabinet).

To further secure the data, an organization should adopt strong encryption to harden the environment. This is akin to having your child ride a bike with a helmet (always!), knee pads and elbow guards.

2. Enforce Trust

Next, to fully understand your data landscape, there needs to be activity monitoring to see who is trying to access all of that data (i.e., using parental controls to track who a child is texting or going on a bike ride with to ensure their safety). Having a clear view of users and behavior as it relates to your most sensitive data is of the utmost importance for any organization.

3. Rebuild Trust

No matter what rules you have in place, a changing business environment means that incidents will still occur that violate those policies. The same is true with parenting! When that happens, it’s important to quickly respond and take precise action to remedy the problem. In the enterprise world, this could mean adjusting the segmentation of the network or wiping a user device.

4. Improve Trust

Protecting your data is a constant process that stretches across all disciplines of security. Robust analytics and machine learning allow for deep visibility into the data environment and filter out the noise from false positives. These analytics should feed an automation engine so if an anomaly is detected, infected users are blocked from accessing sensitive data.

Knowing where your data is and applying identity and access management (IAM) allows the organization to understand who has access to that data and if they should. Layering in a unified endpoint management (UEM) solution gives organizations full visibility and context into the data, the user accessing the data and the device they’re using to create an end-to-end secure framework.

Face the Challenges of a Hybrid Multicloud World With Zero Trust

In today’s environments, where sensitive data is everywhere — flying instantly from an on-premises database to a cloud file share, being accessed via a virtual private network (VPN) on a tablet while out to sea on a yacht — organizations need strong, flexible frameworks to ensure business continuity, compliance and customer trust. Taking a data-centric approach to your Zero Trust initiatives will enable your organization to be ready for the challenges of the hybrid multicloud world we live in today.

So, when you tuck your kids in, set the alarm, hit the lights, and close and lock the door, remember that this is the same approach you should be taking to protect your organization’s sensitive data. Oh, and don’t forget to hide the liquor cabinet key!

Watch the Think Digital session to learn more about the importance of Zero Trust security for your business.

Visit Think Digital Now

More from Data Protection

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today