TRUSTING YOUR ZERO TRUST ARCHITECTURE
The accelerated move to the cloud, increased use of BYOD, IoT and shadow IT, and an abrupt shift to working from home have exponentially complicated the IT security landscape. Cybersecurity professionals must provide secure access to company resources from any location and asset, protected interactions with business partners, and shield client-server and inter-server communications from malicious or unauthorized usage. At the same time, adversaries are more sophisticated and targeted in their approach.
As a result, they are infiltrating deeper, dwelling longer, imposing an incalculable cost, and doing significantly more damage. As organizations look to defend increasingly complex IT environments against more sophisticated threat actors, the concept of a Zero Trust Architecture (ZTA) is growing in prominence and prevalence.
Several high-profile cyber intrusion events involving the software supply in 2020 led NSA and DISA to issue guidance specifically recommending that US government organizations and their industry partners implement ZTA to combat active threats to systems and data. The White House recently issued similar guidance.
What Is Zero Trust?
Zero Trust architectures protect critical assets (data) in real-time within modern, dynamic threat environments by fortifying data access controls. This architectural approach is built on the assumption that an intruder may already be on the network. Specifically, Zero Trust takes the position that every person, place, or thing accessing the network and services is untrustworthy until proven otherwise. The strategy assumes every access request is an attempted breach. Zero Trust requires explicit verification of the security status of identity, as well as proof of authorization for access to endpoints, networks, applications, and other resources, based on all available signals and data, including potential risk. And, once trusted access is established, a Zero Trust Architecture continues to verify to safeguard data, systems and services by continuous and pervasive visibility and monitoring coupled with detection and response to threats. Implemented properly, ZTA can help reduce breach risk and speed detection times, ease compliance auditing, and better protect company data.
To accomplish the goals of ZTA, trust is granted at a much more granular level than in traditional access architectures. Transactions, including direct user and programmatic authorization and access requests, are allowed to proceed only after identit and authorization is verified, and verification happens repeatedly. ZTA tactically employs continuous monitoring and review of the risk environment by implementing multiple access control points and authorization challenges beyond session initialization. This re-verification process helps detect changes in the context of each request and maintains a running risk analysis throughout each access session. This is where Fidelis can really help.
Neutralize threats with Fidelis
- Full situational awareness: Continuous,contextual visibility.
- Active defense: Engage earlier in the attack lifecycle.
- Dynamic threat monitoring: Detect and respond at line speed.
- Threat-focused analytics: Identify and correlate events and their context.
- Asset risk analysis: Understand the risk of an asset and user before and after trusting access.
Fidelis + Zero Trust
Fidelis Elevate® eXtended Detection and Response (XDR) aligns with the NIST framework in SP 800- 207 and enables the rapid transition of enterprise infrastructure to Zero Trust principles. Fidelis Elevate is the only active cyber-defense platform that integrates Deception technologies with detection and response on endpoint, network and cloud to change the hunt/detect game and defend against modern, advanced persistent attacks from adversaries.
The integrated deception technologies in this Active XDR platform enable SOC teams to continually tune defenses and neutralize threats before they can cause damage to business operations. These capabilities are critical in the Zero Trust architecture to enable monitoring and compliance functions. One of the tenets of a Zero Trust Architecture is ‘Never Trust, Always Verify.’ Fidelis provides the verification of the Zero Trust access enforcement itself to make sure that the Zero Trust controls are working as designed and not compromised by misconfiguration, exploits, advanced attackers or insider threats.
Additionally, Fidelis CloudPassage Halo provides continuous compliance for cloud administrative accounts, enforcing ZTA best practices in dynamic, containerized and highly agile cloud environments. Halo monitors for weak passwords, disabled multifactor authentication, overly permissive administrative accounts, stale accounts, and more, keeping the cloud perimeter secured at the administrative account level. As new cloud accounts come online in an environment, Halo automatically detects and alerts on violations to the ZTA configuration standards and can automatically disable accounts until they are made secure by the SOC team.
- Enterprise-wide Visibility
- Continuous Risk Assessment
- Transactional Monitoring
- Data Governance
- Dynamic Threat Monitoring
As evidenced by major attacks, such as those on SolarWinds and Microsoft Exchange, sophisticated adversaries are adept at disguising attacks and bypassing traditional defenses. An active defense strategy, including proactive, predictive, and retrospective cybersecurity functions, have a better chance of keeping up with emerging and evolving threats.
A Zero Trust Architecture fortified by Fidelis Elevate, proactively shifts users to an active defense where they can detect and respond to cyber threats earlier in the attack lifecy.
Fidelis Elevate Active Defense Bolsters your Zero Trust Architecture in Three Ways:
- Predictive Defense
- Proactive Defense
- Retrospective Analysis
Pama is the official distributor of Fidelis in Vietnam.
Read more about Fidelis here: https://fidelissecurity.com/
Translator: Nguyễn Thùy Trang