2019 SailPoint Identity Insider Magazine - Magazine - Page 20
COREY O’CONNOR
Sr. Product Marketing
Manager, CyberArk
Zero Trust in the
Digital Transformation Age
In the digital transformation age, enterprises
are shifting from traditional perimeter security
approaches to the Zero Trust framework to protect
their most sensitive networks. Centered on the
belief that organizations should not automatically
trust anything inside or outside their perimeters,
this model demands that they verify anything and
everything trying to connect to systems before
granting access.
Following are five steps for building out
modern architectures that align to Zero Trust:
1. Take a risk-prioritized approach. With an
expanding cyber attack surface, it’s difficult to
prioritize security initiatives. Instead of tackling
everything, take a programmatic approach that
incorporates a thorough understanding of the
risk your organization faces as it relates to Zero
Trust and build upon it over time. Your first priority
should be securing your enterprise at the core,
which starts with securing privileged access.
2. Implement multi-step authentication for
business-critical assets. With powerful control
of enterprise identities, Tier 0 assets must be
aggressively protected. Continuous multi-factor
authentication (MFA) is essential in narrowing
the focus of trust for users and devices – but it
shouldn’t end there. Consider introducing step-up
authentication and managerial approval processes
that enable the authentication of privileged users
at the exact point of access.
20
|
SAILPOINT IDENTIT Y INSIDER
3. Lock down privilege on the endpoint. Reduce
the risk of attacks using compromised privileged
account credentials by locking down privilege on
the endpoint. Additionally, implement restriction
models that only trust specified applications,
run by specific accounts, under specific
circumstances. This will help mitigate the risk of
ransomware and code injection attacks.
4. Protect the privileged pathway. Monitoring the
privileged access pathway prevents malicious
insiders and external attackers from progressing
their attack. Place tight controls around what end
users can access; create isolation layers between
endpoints, applications, users and systems and
continuously monitor access. Innovations such
as machine learning can help you to identify and
respond rapidly to threats.
5. Get granular about access control. It’s essential
to know who (human and non-human) has access
to what assets, when and which actions they can
perform. Enforce the principle of least privilege
broadly, along with attribute-based access
controls that combine enterprise-level policy
with specific user criteria to balance security with
usability.
By practicing defense-in-depth and incorporating
privileged access security controls at the core
of your strategy, you can achieve a true Zero
Trust framework that helps drive down risk
and empowers your organization to embrace
transformative technologies with confidence.