The Importance of Understanding Zero Trust
The crucial problem is how to prove that you are, in fact, you
We know that Zero Trust is essential to protecting data while allowing remote users access to the information they need. But many organizations don’t fully understand what it is. I’ve been deeply involved in IT security for 30 years and am currently a field solutions architect for TD SYNNEX. I hold Broadcom Software Knight Status and hold certifications in Symantec Endpoint Security, Email Security Cloud, Cloud SOC, Web Security Services and Cloud Workload Protection.
In the days when we only had to log into servers from workstations, access to data was easy to control. Now the boundaries are gone as many employees work from home or are on the move. The crucial problem from a security standpoint is how to prove that you are, in fact, you. Many people believe Zero Trust is a product and some confuse it with multi-factor authentication. Instead, I would suggest it’s a strategy to get maximum data protection while delivering performance for workers out at the endpoints, rather than tying them up in a morass of security wickets.
Zero Trust is a data-centric security framework based on the belief that organizations should not automatically have faith in users inside or outside their perimeters. They must verify the identity of everything trying to connect to resources before granting access. It’s about trusting no one.
In 2009, the market research firm Forrester developed the Zero Trust Model, which has since gained widespread adoption. Data sits at the center of the Forrester paradigm. People, devices, and workloads surround data and are the three primary “actors” trying to access and use this information. Networks are the central means to connect the actors to the data. The final two pieces of the model are automation and orchestration (the capacity to make components work together to seamlessly enable secure access to the data) and visibility and analytics (the ability to know who is accessing the data for governance and the capacity to detect and prevent unauthorized admittance).
Fortunately, the technologies to drive Zero Trust have been offered by Symantec for quite a while. Extending the concept to people begins with authentication—positively identifying legitimate users from fraudulent ones. Symantec VIP addresses this challenge by providing multifactor credentials and contextual risk analysis from the cloud so that stronger authentication can be applied where it is needed.
Setting Access Rules
Next, you must ensure that only authorized users gain access to sensitive resources. For more than 20 years, Symantec SiteMinder has been helping organizations provide seamless Single Sign-On access to on-premises and cloud-based applications. SiteMinder can also be enhanced through Symantec Secure Access Cloud to manage granular access to applications in IaaS/PaaS environments or on-premises data centers.
But not everyone in an organization should have access to sensitive data. Symantec Identity Governance and Administration addresses this challenge by streamlining and automating the processes associated with reviewing and certifying user access—and it ensures that users are only granted the level of access that they absolutely need.
The next critical piece is guarding your network all the way out to remote workers. Secure Access Cloud provides highly secure granular access management for enterprise applications deployed in IaaS clouds or on-premises data center environments. This SaaS platform eliminates the inbound connections to your network and creates a software-defined perimeter between users and corporate applications. This zero-trust access service avoids the management complexity of traditional remote access tools, ensuring that all corporate applications and services are completely cloaked—invisible to attackers targeting applications, firewalls, and VPNs.
But here’s a wrinkle: You must also provide secure access to the web and this connectivity traditionally requires traffic to be backhauled to a datacenter so security policies can be enforced. That slows performance for users. Symantec Web Security Service provides security for data, apps, and users through a comprehensive cloud-delivered Secure Web Gateway. Built upon an advanced proxy architecture, Symantec WSS offers protection from advanced threats, protection of sensitive information, and compliant cloud application use—all delivered upon a resilient, high-performance network backbone.
Zero Trust also requires efficient investigation and remediation. Symantec provides the telemetry that feeds targeted attack detections, the deep forensic records that speed investigations and powerful tools to quickly address breaches. The company can integrate data-driven analytics and reporting across all control points and create a way to capture telemetry from other solutions within the security stack through Integrated Cyber Defense Exchange technology.
Finally, the Symantec Global Intelligence Network (GIN) applies artificial intelligence to continuously analyze more than nine petabytes of incoming security threat data. It offers the broadest and deepest set of threat intelligence in the industry.
Taken as a whole, these technologies can create an unparalleled Zero Trust environment. If it seems daunting, a Broadcom Software Knight stands ready to assist you now. You can find a Broadcom Software Knight or learn more here.