It’s Cybersecurity Awareness Month, so let’s discuss a topic that has been around for a decade but is recently gaining significant traction in business circles: zero trust. The concept of zero trust has been around since John Kindervag coined the term in 2010. Google’s internal implementation through it’s BeyondCorp team in 2011 was one of the first examples. The objective of the group was simply to allow “employees to work more securely from virtually any location,” a very progressive idea given the first Android phone was launched only three years earlier. Businesses are exploring zero trust and have begun to implement it to help manage the flow of corporate data to mobile devices.
Today, mobile working is commonplace. Recent research by Deloitte found that 40 percent of workers use a mobile device as part of their job. The zero trust model is important for businesses that are undergoing digital transformation to enable productive mobile workflows.
Simply put, zero trust means no implied accreditation, always ensure security and only provide visibility into what you need to. Access should only be granted on a case-by-case basis per app; everything else should remain hidden. A successful, scalable and secure mobile-enabled business strategy should incorporate zero trust.
The Advent of Modern Productivity
It is no secret that businesses have embraced mobile workflows for productivity gains. These companies have embarked on continuous digital transformation to capture this latent potential within their organization. The three pillars of this productivity shift are the concepts of enablement, identity and zero trust.
Unified endpoint management (UEM) enables employees to easily use mobile devices to work wherever they are, creating new, more productive workflows. Businesses use UEM today to push apps, password policies and email settings seamlessly to thousands of devices. This technology gives administrators an invisible pair of hands to remotely configure and manage the devices and apps that employees use. The ability to manage Windows 10 devices as well as mobiles has allowed companies to consolidate the configuration tools they use, leading to a rise in UEM deployments.
Identity and access management (IAM) helps by simplifying access. Users only need to remember one password. If the identity of the end user accessing data is known, single sign-on (SSO) can be provided. With the number of business apps ballooning, employees must remember an ever-increasing number of credentials and businesses need better ways to manage access. IAM removes the requirement to remember multiple login details and continuously authenticate. The technology can also act as a security tool, providing a layer for multifactor authentication (MFA) and a single link that IT teams can limit if a breach is detected.
UEM and IAM provide some of the tools IT teams need to control how company data is managed, but both suffer from the critical flaw of implied trust. It is implied that the connection is secure and private, that the device is uncompromised by malware, and that other apps on the device are not leaking information. Mobile threat defense (MTD) acts as a third pillar to create a zero trust posture that truly enables mobile productivity.
Managing a Blurred Boundary
Although many of the opportunities for mobile digital transformation were driven by UEM and IAM, they left a gap in security posture. Businesses knew who was accessing data and through what device, but not whether the device, applications or network were secure. Organizations also struggled to discover whether a compromise had even occurred; Verizon found that 63 percent of business-related breaches were reported by third parties.
MTD can provide the insights businesses need to make informed decisions about when their data is accessed. Continuous conditional access (CCA), a method of consistently evaluating security to determine risky activity immediately, allows businesses to control how and where their data is being accessed in real time. Best-in-class MTD products are capable of providing conditional access by monitoring device, app and network threats to ensure that data being sent to a device remains secure.
Building Zero Trust With UEM, IAM and MTD
Bringing UEM, IAM and MTD services together can enable employees to use their mobile devices to securely access corporate resources. Integrating these three technologies and aligning the policies between them can also create a seamless, unified security stance. An MTD partner that can integrate with your existing services is crucial to building a strong security posture.
The CCA scanning, provided in real time by a strong MTD solution, is the glue that binds the zero trust model for secure productivity. CCA allows for dynamic risk assessment: If a device’s risk profile becomes too high at any point, preventative action can be taken. Leading MTD solutions use threat intelligence engines to monitor a number of vectors, including known and zero-day threats.
Integration with other technologies is extremely powerful once risk levels have been exceeded. After the MTD tool categorizes the risk, it can then communicate with the UEM solution to trigger a seamless, automatic response. Integration with other services such as security information and event management (SIEM) can help improve the IT team’s level of response and visibility when a risk occurs.
In the real world, the scenario may be as simple as an employee downloading an entertainment app for their commute to work. If the entertainment app contains a vulnerability, MTD is designed to detect that corporate information accessed on the device is at risk. Combining the insights gained from UEM, IAM and MTD in a single policy engine helps security and business leaders make richer, more contextual access decisions.
For example, when an MTD solution recognizes a risk, it can work with UEM to prevent access to company services from the device. Informing the employee why action has taken place gives them options to choose how to work. If the IAM system believes the user’s credentials are not compromised, the employee could continue to work from a secondary device. Or, if the main device’s risk profile can be lowered, it could become a work tool again. A single policy engine powered by the three tools can dynamically enable productivity and protection.
How Can Businesses Move to the Zero Trust Model?
The reality is that zero trust isn’t just a single product or service, and there is no industry-standard architecture. As new ways of working develop, IT teams will need to hold BeyondCorp’s mantra close to heart and allow “employees to work more securely from virtually any location.”
Using and linking UEM, IAM and MTD together can create a unified, comprehensive security policy businesses undergoing digital transformation can use today. This will help ensure that enterprise data is securely accessed by only the right users, applications and devices.