By Megana Natarajan - July 27, 2020 3 mins read
CIOs believe the zero-trust framework to be the best way to handle security attacks arising due to firewall limitations
Pandemic lockdown forced enterprises to shift to remote workforce almost overnight. The sudden shift resulted in increased data breach incidents due to cyber criminals trying to manipulate the weakness in the firewall’s network. IT security leaders have put forward the zero-trust framework as an effective measure of tackling such activities.
CIOs however warn that organizations should be completely aware of functionalities associated with the framework before deploying it in the systems. Security leaders point out that the framework works on the premise that all end-users and devices have already been compromised. The solution is a security model, and not a technology as misunderstood by most professionals.
CIOs say that the technical models are composed of functionalities like identity and access management, multifactor authentication, software-based perimeter, file system access, and micro-segmentation. They point out that the model will allow only relevant interactions to take place and reject everything else at a very granular level. The communications will happen only via HTTPS and any other mode of communication will fail.
Advantages of using the zero-trust model
C-suite executives point out that the conventional perimeter-based firewall security is not strong enough for protection in the current identity and credential-based breaches. Implementing the zero-trust security model helps to protect the confidential data, better compliance auditing, reduces the breach and risk detection time, increased control over the cloud environment, and better visibility in network traffic.
CIOs say that this security model is capable of addressing the speed required in a data center, as it doesn’t require regression and maintenance testing that is critical in a firewall environment. Security leaders prefer the model as it provides alternate measures for more complex firewall architecture. They point out that with constantly evolving and expanding firewall policies they have to change the filters and rules, which becomes error-prone and time-consuming.
Security leaders push for the deployment of the security module as it works on the principle of trust no source which is very relevant in the current scenario. Every source including employees are treated as a potential ransomware entry point and validated accordingly.
Successful implementation of the model
CIOs acknowledge that the implementation of the zero trust security models is not an overnight process. Organizations with fewer legacy systems and more advanced software platforms will be in a better position to implement the security model. The Zero-trust approach faces legacy equipment as its obstacles. Security leaders point out that most organizations conduct a huge overhaul of security architecture which is technically a misguided measure.
Megana Natarajan is a Global News Correspondent with OnDOt Media. She has experience in content creation and has previously created content for agriculture, travel, fashion, energy and markets. She has 3.9 years’ experience as a SAP consultant and is an Engineering graduate.
Banglore's finteness startup ecosystem is inching closer to delievering a new unicorn: CRED. Two-year-old CRED is in advanced stages of talksDownload Now
A Peer Knowledge Resource – By the CXO, For the CXO.
Expert inputs on challenges, triumphs and innovative solutions from corporate Movers and Shakers in global Leadership space to add value to business decision making.Media@EnterpriseTalk.com