With COVID-19 forcing the entire world to shift into more hybrid-oriented workplaces, Vytautas Kaziukonis, Founder and the CEO of SurfShark says zero trust architecture should become the new norm in cybersecurity. Here’s why — the pandemic has rendered traditional network-based security technologies ineffective. Kaziukonis reveals companies are already seeing the value in zero trust approach because it’s available and has proven to work. Plus, the zero trust strategy gives organizations the power to manage their data more safely.Â
Due to its superior effectiveness, the Zero Trust model was already growing in popularity even before the global pandemic. But when COVID-19 struck and many individuals were forced to work from home, organizations had to adopt hybrid workplaces’ new norm.Â
According to MicrosoftOpens a new window , more than half of their surveyed companies indicated that their biggest challenges during this shift were their poor network security infrastructures. In turn, this has caused the industry to begin a natural transition towards a different philosophy in cybersecurity.
The Drawback of Perimeter-Focused Defense
Until recently, most security strategies focused on building strong defenses to keep potential threats outside of the network. The idea was to keep important information locked away, almost like banks storing stacks of cash on open carts behind 6-foot steel vault doors. This door has to be sturdy enough to withstand any outside attacks or potential threats.Â
The drawback to this approach is that nothing stops thieves from taking all the loot inside the vault if they get through its main defenses because all the money is lying around unprotected. And even if the police are already on their way to intercept, thieves can get away with the cash if they’re quick enough.
Most traditionally designed data centers operate in a similar way according to the east-west principle, which denotes the direction of information flow among devices within the system. This allows the information free-travel inside the data center and is extremely convenient for users and security developers.Â
But this east-west server communication also means that traveling information does not pass any firewalls inside and remains uninspected. Consequently, once cybercriminals manage to bypass the perimeter defenses, data inside such networks is unprotected and available for grabs, just like those stacks of cash lying around inside the bank’s vault.
Learn More: Future-Proofing Home Offices With Zero Trust Security
Securing Cloud-First & Remote Users: It Begins With Zero Trust
Data breaches are not uncommon, but most organizations manage to protect themselves just fine by building strong walls around their workplace networks. Unfortunately, this approach philosophy quickly turned into a major vice when the pandemic struck and forced individuals to work from home.Â
Suddenly, data centers became decentralized and more susceptible to breaches as most had to work away from their protected workplace networks. A single malware-ridden or phishing email opened at someone’s home is enough to potentially compromise the entire security system and result in a major security breach for the entire company. And since around 88% of all data breaches occur due to human errorOpens a new window , remote work has also caused individuals to become more distractedOpens a new window in the process.
In contrast to the perimeter defense, the Zero Trust model works by assuming that every data request made from inside or outside a given network is a potential breach. Its “never trust, always verify†approach extends throughout the entire data center and every piece of data that travels within is authorized, encrypted and authenticated before it gains access through any single point of the network.Â
By micro-segmenting data centers into individual workloads, the Zero Trust strategy gives organizations the power to manage their data more safely. Imagine the same vault with a six-foot thick steel door, except when you blow it open, you find all the money locked away into individual safeboxes behind complex locks, and the police is already on its way.
Zero Trust and Resource AvailabilityÂ
The shift towards Zero Trust and micro-segmentation has naturally become the logical next step in cybersecurity. Before, implementing individual firewalls between the east-west traffic flows inside data centers was a common way to achieve similar results. Though, this particular approach was financially unfeasible for most companies as it required an immense amount of resources to implement and maintain.
Recent developments in software-defined data centers (SDDCs) has allowed micro-segmentation to become a possibility. Beyond increased agility, speed, and efficiency, SDDCs have enabled Zero Trust to become a reasonable alternative to more traditional security approaches.Â
With COVID-19 forcing the entire world to shift into more hybrid-oriented workplaces, we can expect micro-segmentation to become the new norm in cybersecurity. And this will have a manifold impact on security systems and workflow.
Learn More: 10 Reasons for SMBs to Consider Managed Security Service Provider (MSSP)
Zero Trust’s Effects on Security and Workflow
In regards to security frameworks, access to the company’s network will be based on its adaptive security policies, i.e., providing insight for potential positive changes to the security systems. Data Center alerts will also be automated and AI implemented to reduce response times to cyber-attacks and increase detection rates for any occurring anomalies.Â
For everyday users, this will mean using only company security-approved devices when working and undergoing multi-factor authentication procedures before accessing or sharing the company’s data. Many apps will also need to be approved by the security department, so if you want to use your work device for non-work related activities, you may be out of luck.
And while that may take some time to get used to, Zero Trust and micro-segmentation will improve cybersecurity and save many companies from data breaches and heavy losses. COVID-19 has already shown the importance of a more decentralized approach to cybersecurity. In turn, more and more people will be able to work safely and remotely regardless of whether there’s a quarantine or not.
Let us know if you liked this article or tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!