Once upon a time, IT security was all about defending a traditional network – on site users, servers, and applications.
Today IT security is all about enabling customers, contractors and remote employees who want to use their own devices to have secure access to applications and data that may be on premise, or in the cloud, or across some combination of both. If you aren’t already doing so – you will shortly want/need to let machines running IOT and AI services have access to the same.
.png?width=525&height=420&name=New%20Identity%20Perimeter%20(1).png)
This step change in complexity – combined with a big increase in terms of cyber crime – requires businesses to adopt a new approach – “Zero Trust.”
Zero Trust – as the name would suggest – means that users or machines only have access to applications, data, network resources when they have explicit permission to do so. Zero Trust requires:
- Multi factor authentication – the use of two devices to confirm who is requesting access
- Rigorous enforcement of password standards (passphrases not “Admin”)
- Geo fencing – precluding a UK based identity from being used from Russia
At one level what Zero Trust requires is relatively simple. User access - joiners and leavers – will need to be administered more rigorously than it has in the past.
At another level Zero Trust requires businesses to make decisions that they may not have considered before. They need to think deeply about what applications/data users should have access to fulfil their job role. In a large organisation with many different line of business applications – this can be rather more complicated.
Identity is now THE primary means by which hackers gain access to company systems. Identity Management is your best defence.
How Can TSG Help?
TSG can help you make a plan to adopt Zero Trust – and support you in doing so. We can take responsibility for user administration and monitor activity on your network. We can alert you to anything unusual – or take action on your behalf.
