In just a few years, the concept of Zero Trust has risen to prominence as the network perimeter of old has dissolved thanks to digital transformation, mobility and the cloud. The new perimeter is no longer the enterprise network firewall, but the identity of every person or device accessing the corporate workloads and data.
This is the third in a series of blog entries from Symantec Enterprise, a division of Broadcom (NASDAQ: AVGO), on modern Identity and Access Management. The first entry discussed how IAM has reached an inflection point and must change, and the second covered the characteristics of modern IAM. In this entry, I’ll explain how modern IAM embodies a zero-trust approach to cyber security.
But first, what is Zero Trust? Because organizations are under constant attack, they must assume bad actors have already compromised a user's identity or device; hence no user or entity, inside or outside the firewall, should be trusted by default. A Zero-Trust approach to cyber security responds to this reality with a defense-in-depth strategy, including multi-factor authentication (MFA), least-privilege access, DevSecOps, and micro-segmentation. It’s important to remember that a Zero-Trust strategy does not exist for its own sake but to deliver business benefits. These fall into two major categories:
- Protecting the organization and its customers by safeguarding their data. The more valuable the data, the more stringent risk policy must be.
- Enabling business activity and employee productivity. Every identity is given least privilege access so users can get their work done. The degree of access is adjusted according to risk.
In practice, nearly every cyber security decision is based on risk. Since identity is the new perimeter, continuous verification and adjustment of access to meet acceptable-risk policy is required. For example:
- When a user accesses a database from headquarters, access to 1000 records might be granted, but when accessing the same database remotely from another location, the same user might be granted access to only 100 records.
- When a user attempts to access sensitive systems remotely at times or locations that are inconsistent with previous normal activity, access might be denied.
- When users access data and applications from anywhere at any time, risk levels increase, necessitating multi-factor authentication and an adjustment of the access that is authorized.
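The three scenarios above amount to a policy function that maps request context (location, time relative to the user's normal activity, sensitivity of the target) to deny, step-up to MFA, or allow with a record limit. The following is an added illustration, not code from the post or from any Symantec product; the risk weights, the 1000/100 record limits and the per-user normal-hours baseline are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed baseline: hours at which each user has normally been seen working.
# A user with no baseline is treated as anomalous at every hour.
NORMAL_HOURS = {"alice": range(8, 19)}

# Assumed record limits by location context, mirroring the 1000 vs 100 example.
RECORD_LIMIT = {"hq": 1000, "remote": 100}


@dataclass
class AccessRequest:
    user: str
    location: str      # "hq" or "remote"
    hour: int          # local hour of day, 0-23
    sensitive: bool    # target system holds sensitive data
    mfa_passed: bool   # a second factor was already verified in this session


@dataclass
class Decision:
    allow: bool
    record_limit: int  # 0 when access is denied
    require_mfa: bool  # True means "step up, then retry"
    reason: str


def risk_score(req: AccessRequest) -> int:
    """Additive risk: remote access, off-hours access and sensitive targets each add risk."""
    score = 0
    if req.location != "hq":
        score += 1
    if req.hour not in NORMAL_HOURS.get(req.user, range(0)):
        score += 2  # inconsistent with the user's previous normal activity
    if req.sensitive:
        score += 1
    return score


def evaluate(req: AccessRequest) -> Decision:
    """Continuous verification: map the request's risk to deny, step-up or limited access."""
    score = risk_score(req)
    if req.location != "hq" and req.sensitive and score >= 4:
        return Decision(False, 0, False, "remote access to sensitive system at anomalous time")
    if req.location != "hq" and not req.mfa_passed:
        return Decision(False, 0, True, "remote access requires multi-factor authentication")
    limit = RECORD_LIMIT.get(req.location, RECORD_LIMIT["remote"])
    return Decision(True, limit, False, f"risk score {score}: granted with record limit {limit}")
```

In a real deployment the baseline would come from behavioral analytics and the decision would be re-evaluated during the session, not only at login.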
The degree to which an organization makes an investment in zero trust depends on the risk associated with its data, reflecting business, legal and regulatory requirements. The more sensitive the data, the more an organization should implement Zero Trust using contextual, risk-based authentication, authorization, sessioning and analytics.
Zero-Trust Technologies from Symantec Enterprise
The Symantec Enterprise portfolio contains a multi-tiered stack to help you implement Zero Trust through modern IAM. Here are some highlights:
- VIP Authentication Services establish and/or confirm user identity based on context and credentials.
- SiteMinder manages access based on rich authentication and authorization policies.
- Privileged Access Management ensures that privileged users have only the access to sensitive information that they need, and monitors the activity performed with these credentials.
- Identity Governance and Administration defines roles and responsibilities, provisions user access, and ensures that governance is in place to audit usage against least-privilege access.
- Information Centric Analytics aggregates input from different sources to help you understand where the risks are and how to deal with them.
- CloudSOC implements Cloud Access Security Broker (CASB) technology to enable secure access to SaaS, PaaS, and IaaS resources.
- Secure Access Cloud provides Zero-Trust Network Access (ZTNA).
- Symantec Endpoint Security provides cloud-based security with AI-guided management.
These technologies are integrated with Symantec Data Loss Prevention (DLP), and are implemented to provide full visibility into user activity for detection, forensics and compliance.
In summary, Zero Trust is the cyber security strategy that best addresses the risks organizations face in the era of digital transformation, mobility and the cloud. Because large data breaches often result from the use of bogus identities, a Zero Trust environment significantly increases cyber security effectiveness. Whatever the state of your cyber security defense, I recommend getting started with a risk-appropriate Zero-Trust strategy, sooner rather than later.
Extending Your Symantec Identity Solutions with Our Security Services Platform
As you transition to Digital IAM, take stock of how you are using your Symantec Identity Security solutions today and how to extend them into the future. Join Vadim Lander to learn how these services seamlessly integrate with your existing solutions so that you can transition to Digital IAM.