itb-au logo
Story image

Are organisations ready for Zero Trust?

25 Nov 2019

Article by Forescout Asia Pacific and Japan systems engineering senior director Steve Hunter

Today’s enterprise environments rely heavily on cloud-based services and infrastructure, which effectively erase the network perimeter.

Workloads, data, and the workforce itself are mobile and need agile security.

Users also demand more access options to more accounts, data, and resources.

Concurrently, the volume and diversity of devices connecting to network resources overwhelm traditional endpoint management.

Because many of these devices, such as visitor devices, bring-your-own-device (BYOD) systems, Internet of Things (IoT) devices and operational technologies (OT), don’t or can’t run corporate management agents, security teams may be blind to many of the devices on their networks, unable to identify their users, assess their security state, or control their activities.

These systemic failings of perimeter-focused security led Forrester Research analysts to develop Zero Trust as an alternative.

Zero Trust assumes that any person or device with access to an organisation’s data is a threat to the enterprise and thus advises organisations not to trust anything.

Instead, a Zero Trust approach will verify the user and the user’s device, or just the device if not a user device, such as a printer or camera, and then restrict access to only the minimum level required for the task at hand every time.

This policy is strictly enforced through intelligent access control and network segmentation.

Despite its clear benefits, very few organisations have turned the concept of Zero Trust into a security practice.

One example of a Zero Trust strategy is the goal of discovering and classifying 100 per cent of the devices that connect to the network—not just those with endpoint agents installed and operational—and to strictly enforce least-privilege access policy based on a granular analysis of the device, user identity and authorisations, software stack, configuration compliance, and security state.

To enforce a restrictive access policy, organisations need to be able to see, assess, and control everything on the network.

According to Forrester analyst Chase Cunningham, “Visibility is the key in defending any valuable asset. You can’t protect the invisible.

"The more visibility you have into your network across your business ecosystem, the better chance you have to quickly detect the telltale signs of a breach in progress and to stop it.”

Forescout has identified three key areas that organisations should examine to improve their visibility position for Zero Trust:

1. Agentless discovery of any device. Employ a combination of agentless active and passive methods to discover all of the devices on an organisation’s extended, heterogeneous network from campus and data centre to cloud and OT networks.

2. Continuous visibility and policy-based device control. Use a real-time policy engine that uses asset intelligence to continually assess devices against policies that enforce expected behaviour.

3. Customisable device intelligence for security operations and incident response. Security operations teams lack a comprehensive view into connected devices and their classification, connection and compliance context. With the right platform, organisations will have a consolidated view of their device landscape and compliance status across the extended enterprise.

Ultimately, to get ready for, and ensure Zero Trust success, organisations need total visibility.

They can achieve this with a comprehensive device visibility and control solution that can see and control hosts that conventional endpoint management systems can’t.

This will let them reach the goal of being able to discover and classify 100% of the devices that connect to the network.

Story image
Interview: Appian's Matt Calkins on low-code & the rise of hyperautomation
A lot can change in 21 years. It takes a strong company to remain true to a few key technology ideas, and concentrate on their evolution.More
Story image
Video management firm Panopto launches A/NZ data centre
The data centre, based in Sydney, provides local cloud-based video hosting for enterprise and higher education customers.More
Story image
Cybermerc launches AU cyber threat intelligence platform, AUSHIELD
So far Australian National University, Fortinet, Anomali, Elastic, Vault Cloud, and startups SecureStack and Countersight have joined the project.More
Story image
E-waste becoming a massive issue for businesses, so what can be done?
E-waste is a global concern, and is quickly becoming a crisis of its own, the researchers state. In fact, more than 53 million metric tons of e-waste was produced in 2019.More
Story image
The ins and outs of cloud-native computing
For businesses and other organisations that want to get the most out of their approach to the cloud, cloud-native computing may provide the answer, writes Gigamon country manager for A/NZ George Tsoukas.More
Link image
On 10 December, find out how data centers will fare in the face of climate change
From pandemic disruption to the urgency to address climate change, data center development in Asia Pacific needs to remain resilient and sustainable. On 10 December, join this webinar to learn about viable solutions data center operators can use to overcome environmental challenges. Register now.More