April 13, 2020 By Jesse Sedler 4 min read

For many of us, children are our most critical assets. In order to protect what is important to us, we work hard to know where they are and what they are doing at all times — particularly during those pesky teen years. We also take steps to protect the places where they spend their time. We install cameras, locks and alarm systems to monitor activity and secure the perimeter, helping to ensure our most precious “insiders” can’t exfiltrate themselves from the secure location. These concepts aren’t new; they are simply a product of the world we live in.

It’s no different for organizations trying to protect mission-critical data. Customer information, trade secrets and health records are some of the most sensitive information an organization holds, but too often they are not treated with the same diligence we practice with our families.

Enter Zero Trust

A rise in significant data breaches and an increase in global regulations have the potential to cost these organizations millions in lost business and/or fines. In response, enterprises are starting to implement frameworks that can help mitigate these potential risks with the clear goal of securing their sensitive data. One of these frameworks is Zero Trust.

Zero Trust is a flexible security framework based on the notion of not trusting anyone. Previous security models focused on the IT perimeter, but with the transition to hybrid multicloud environments, the increase in bring-your-own-device (BYOD) models, and the co-mingling of employees and contractors, the perimeter is no longer sufficient. Instead, organizations that use Zero Trust strategies can protect people who need the correct access, secure devices that need to be managed, and implement analytics and response mechanisms to ensure security analysts have full visibility into their environments.

Rethinking the Perimeter for Better Data Security

Data is the foundation for basically everything in an IT environment but is often overlooked for security in outward-facing areas such as endpoints, networks and applications. Using traditional security methods, organizations have built walls around the network and inspect everyone coming in and out, which is not a viable option in today’s enterprise.

Conversely, a Zero Trust framework and architectural approach is characterized by microperimeters (i.e., locking the door to your house then shutting the door to your child’s bedroom) and microsegmentation (i.e., only grandparents and trusted neighbors have keys to the house and the alarm code; the plumber can only enter when you are home). By implementing these two principles, an organization is able to control who has access to what data from what device and on what network.

By taking a Zero Trust approach, the starting point for security architecture needs to come from the bottom and work its way up the IT stack (i.e., applying microsegmentation and microperimeters at the data layer), and then use that information as context as you move to the outward areas of the framework. You can’t build a sturdy, beautiful house without a strong foundation.

4 Steps to Achieve Zero Trust Success

1. Define Trust

The first step in creating your strong framework is creating an inventory of what sensitive data your organization houses and where it resides. Once you know what you have, then you can put rules in place to secure it (i.e., I have two young kids, so I need safety gates by my stairs; I have a teenager, so I need to lock the liquor cabinet).

To further secure the data, an organization should adopt strong encryption to harden the environment. This is akin to having your child ride a bike with a helmet (always!), knee pads and elbow guards.

2. Enforce Trust

Next, to fully understand your data landscape, there needs to be activity monitoring to see who is trying to access all of that data (i.e., using parental controls to track who a child is texting or going on a bike ride with to ensure their safety). Having a clear view of users and behavior as it relates to your most sensitive data is of the utmost importance for any organization.

3. Rebuild Trust

No matter what rules you have in place, a changing business environment means that incidents will still occur that violate those policies. The same is true with parenting! When that happens, it’s important to quickly respond and take precise action to remedy the problem. In the enterprise world, this could mean adjusting the segmentation of the network or wiping a user device.

4. Improve Trust

Protecting your data is a constant process that stretches across all disciplines of security. Robust analytics and machine learning allow for deep visibility into the data environment and filter out the noise from false positives. These analytics should feed an automation engine so if an anomaly is detected, infected users are blocked from accessing sensitive data.

Knowing where your data is and applying identity and access management (IAM) allows the organization to understand who has access to that data and if they should. Layering in a unified endpoint management (UEM) solution gives organizations full visibility and context into the data, the user accessing the data and the device they’re using to create an end-to-end secure framework.

Face the Challenges of a Hybrid Multicloud World With Zero Trust

In today’s environments, where sensitive data is everywhere — flying instantly from an on-premises database to a cloud file share, being accessed via a virtual private network (VPN) on a tablet while out to sea on a yacht — organizations need strong, flexible frameworks to ensure business continuity, compliance and customer trust. Taking a data-centric approach to your Zero Trust initiatives will enable your organization to be ready for the challenges of the hybrid multicloud world we live in today.

So, when you tuck your kids in, set the alarm, hit the lights, and close and lock the door, remember that this is the same approach you should be taking to protect your organization’s sensitive data. Oh, and don’t forget to hide the liquor cabinet key!

Watch the Think Digital session to learn more about the importance of Zero Trust security for your business.

Visit Think Digital Now

More from Data Protection

Data security tools make data loss prevention more efficient

3 min read - As businesses navigate the complexities of modern-day cybersecurity initiatives, data loss prevention (DLP) software is the frontline defense against potential data breaches and exfiltration. DLP solutions allow organizations to detect, react to and prevent data leakage or misuse of sensitive information that can lead to catastrophic consequences. However, while DLP solutions play a critical role in cybersecurity, their effectiveness significantly improves when integrated with the right tools and infrastructure. Key limitations of DLP solutions (and how to overcome them) DLP…

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

Cost of a data breach: The evolving role of law enforcement

4 min read - If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breach? A decade ago, when smartphones were still relatively new and most people were still coming to understand the value of data both corporate-wide and personally, there was little incentive to report cyber crime. It was…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today