Extending zero-trust principles to endpoints


In the modern workplace, the growing number of endpoints has greatly expanded the attack surface and created new security challenges for organizations. Security and risk management (SRM) leaders need to apply zero-trust principles to endpoints to strengthen workspace security. This approach goes beyond traditional perimeter controls: it relies on continuous verification of identity and device state and on adaptive access control to mitigate the risks of both managed and unmanaged devices.

Assessing and integrating security systems

Zero-trust is a transformative concept in cybersecurity that replaces implicit trust with explicit verification for every access request, emphasizing continuous risk assessment based on identity and context. However, viewing zero-trust as a single product or technology can lead to implementation failures and increased security risks. It is important to adopt a comprehensive strategy that integrates various security tools and practices.

The first step in extending zero-trust principles to endpoints is a thorough assessment of existing security systems. This includes building an inventory of all devices that access corporate resources, both managed and unmanaged, and auditing the applications installed on them. For managed devices, enforcing built-in security features such as host firewalls, access controls, and disk encryption is crucial. Removing persistent administrative rights and granting them only when a task requires them, for the duration of that task, further reduces risk. This assessment helps organizations understand their current security posture, identify gaps, and align with industry standards.

Integrating the different endpoint security and management tools is vital for a strong zero-trust approach. Combining an endpoint protection platform (EPP) with unified endpoint management (UEM) creates a unified endpoint security (UES) system that offers comprehensive visibility and control over managed endpoints. This integration enables continuous risk assessment and adaptive access control, improving the ability to mitigate potential threats. Integrating identity and access management (IAM) and security service edge (SSE) tools adds detailed visibility into user and device activity, supporting more thorough risk assessments and finer-grained adaptive access controls.
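The inventory and audit described above can be started with nothing more than two exports: the identity provider's sign-in log and the UEM/EPP device inventory. The following script, added here as an illustration and not part of the article or any vendor's tooling, correlates the two to classify every (user, device) pair that reached a corporate application as managed, managed-but-non-compliant, or unmanaged, and flags managed devices that still hold persistent local-admin rights. All records and field names are constructed sample data and assumptions, not a real product schema.

```python
"""Reconcile observed device activity against the UEM inventory (added example).

The UEM export and the IdP sign-in log below are constructed sample data; the
field names (epp_agent, disk_encrypted, local_admin_persistent, ...) are
assumptions for this example, not any vendor's schema.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed UEM export: device_id -> posture attributes reported by UEM/EPP
UEM_INVENTORY = {
    "dev-1001": {"user": "alice", "os": "Windows 11", "epp_agent": True,  "disk_encrypted": True,  "local_admin_persistent": False},
    "dev-1002": {"user": "bob",   "os": "macOS 14",   "epp_agent": True,  "disk_encrypted": True,  "local_admin_persistent": True},
    "dev-1003": {"user": "carol", "os": "Windows 10", "epp_agent": False, "disk_encrypted": False, "local_admin_persistent": True},
}

# Constructed IdP sign-in log: one record per access to a corporate app.
# device_id is None when the IdP saw no device identity (browser on a personal device).
SIGNIN_EVENTS = [
    {"user": "alice", "device_id": "dev-1001", "app": "mail"},
    {"user": "bob",   "device_id": "dev-1002", "app": "crm"},
    {"user": "carol", "device_id": "dev-1003", "app": "hr"},
    {"user": "dave",  "device_id": None,       "app": "crm"},   # BYOD, no device identity
    {"user": "erin",  "device_id": "dev-9999", "app": "mail"},  # device id unknown to UEM
    {"user": "alice", "device_id": "dev-1001", "app": "crm"},
    {"user": "alice", "device_id": None,       "app": "hr"},    # managed user, unmanaged device
]


@dataclass
class Finding:
    user: str
    device_id: Optional[str]
    apps: List[str]
    status: str           # "managed" | "managed-noncompliant" | "unmanaged"
    issues: List[str]


def posture_issues(device: Dict) -> List[str]:
    """Built-in controls the article calls for on managed devices, checked from UEM data."""
    issues = []
    if not device["epp_agent"]:
        issues.append("EPP agent missing")
    if not device["disk_encrypted"]:
        issues.append("disk not encrypted")
    if device["local_admin_persistent"]:
        issues.append("persistent local admin rights")
    return issues


def reconcile(inventory: Dict[str, Dict], events: List[Dict]) -> List[Finding]:
    """Group sign-ins by (user, device) and classify each pair against the inventory."""
    apps_by_key = defaultdict(list)
    for ev in events:
        key = (ev["user"], ev["device_id"])
        if ev["app"] not in apps_by_key[key]:
            apps_by_key[key].append(ev["app"])

    findings = []
    for (user, device_id), apps in apps_by_key.items():
        device = inventory.get(device_id) if device_id else None
        if device is None:
            # Reached corporate apps but has no UEM record: unmanaged by definition
            findings.append(Finding(user, device_id, apps, "unmanaged", ["no UEM record"]))
            continue
        issues = posture_issues(device)
        status = "managed-noncompliant" if issues else "managed"
        findings.append(Finding(user, device_id, apps, status, issues))
    return findings


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Counts per status, the headline numbers for the assessment."""
    counts = {"managed": 0, "managed-noncompliant": 0, "unmanaged": 0}
    for f in findings:
        counts[f.status] += 1
    return counts


if __name__ == "__main__":
    results = reconcile(UEM_INVENTORY, SIGNIN_EVENTS)
    for f in results:
        print(f"{f.user:6} {str(f.device_id):9} {f.status:21} apps={f.apps} issues={f.issues}")
    print(summarize(results))
```

The same join, run against real exports, is what turns "we think most devices are enrolled" into a list of specific users and apps that are reachable from unmanaged or non-compliant endpoints, which is the input the conditional access policies in the next section need.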


Securing unmanaged devices and continuous improvement

Addressing the security of unmanaged devices is equally important in a zero-trust strategy. As employees and third-party contractors increasingly use personal devices to access corporate applications, these devices must be covered by security policy rather than left outside it. Conditional access policies that evaluate contextual factors such as user location, time of access, device type, and device management state can restrict access to sensitive data from unfamiliar or untrusted devices. Secure access technologies such as virtual desktop infrastructure (VDI), desktop as a service (DaaS), and clientless zero-trust network access (ZTNA) provide access to corporate resources while isolating corporate data and applications from the unmanaged device itself and preserving visibility and control. Multi-factor authentication (MFA) adds a further layer by ensuring that a stolen password alone is not enough to reach corporate resources.
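A conditional access policy of the kind described above is, at its core, a function from (identity, device state, context) to a decision. The following policy engine, added here as an illustration and not code from the article or any product, shows one way to express it: every request carries MFA status, UEM management and compliance state, and location and time context, and the engine returns one of allow (direct access), allow_isolated (access only through VDI/DaaS or clientless ZTNA, so no data lands on the device), step_up_mfa, or deny. The trusted-country set, business hours, sensitivity tiers and sample requests are all assumptions constructed for this example.

```python
"""Conditional access decisions for endpoint access requests (added example).

Policy constants and sample requests are assumptions constructed for this
example; they are not from the article or any vendor's policy language.
"""
from dataclasses import dataclass
from datetime import time
from typing import Dict, List, Tuple

TRUSTED_COUNTRIES = {"GB", "IE"}               # assumed: where the workforce normally is
WORK_START, WORK_END = time(7, 0), time(20, 0)  # assumed business hours


@dataclass(frozen=True)
class AccessRequest:
    user: str
    resource: str
    sensitivity: str        # "public" | "internal" | "restricted"
    device_managed: bool    # enrolled in UEM
    device_compliant: bool  # UEM/EPP posture: agent healthy, encrypted, patched
    mfa_verified: bool
    country: str            # country of the source IP
    local_time: time        # time of access in the user's locale
    known_location: bool    # network/location previously seen for this user


def device_tier(req: AccessRequest) -> str:
    """trusted = managed and compliant; degraded = managed but failing posture; untrusted = unmanaged."""
    if not req.device_managed:
        return "untrusted"
    return "trusted" if req.device_compliant else "degraded"


def context_signals(req: AccessRequest) -> List[str]:
    """Risk signals from the contextual factors the article lists: location, time, history."""
    signals = []
    if req.country not in TRUSTED_COUNTRIES:
        signals.append(f"untrusted country {req.country}")
    if not (WORK_START <= req.local_time <= WORK_END):
        signals.append("outside business hours")
    if not req.known_location:
        signals.append("unfamiliar location")
    return signals


def decide(req: AccessRequest) -> Tuple[str, List[str]]:
    """Return (decision, reasons).

    allow          direct access from the endpoint
    allow_isolated access only via VDI/DaaS/clientless ZTNA; no corporate data on the device
    step_up_mfa    re-authenticate, then the request is re-evaluated
    deny           block; for managed devices this is the trigger for remediation
    """
    if req.sensitivity == "public":
        return "allow", ["public resource"]
    if not req.mfa_verified:
        # Identity first: nothing non-public without a second factor
        return "step_up_mfa", ["MFA not verified for non-public resource"]

    tier = device_tier(req)
    signals = context_signals(req)
    reasons = [f"device tier {tier}"] + signals

    if tier == "trusted":
        if req.sensitivity == "restricted" and any(s.startswith("untrusted country") for s in signals):
            return "deny", reasons
        if req.sensitivity == "restricted" and signals:
            # Healthy device but odd context: let the session run, keep the data off the endpoint
            return "allow_isolated", reasons
        return "allow", reasons
    if tier == "degraded":
        if req.sensitivity == "restricted":
            return "deny", reasons + ["remediate device posture before restricted access"]
        return "allow_isolated", reasons
    # untrusted (unmanaged / BYOD): never direct access; restricted data only with a clean context
    if req.sensitivity == "restricted" and signals:
        return "deny", reasons
    return "allow_isolated", reasons


# Constructed sample requests covering each branch of the policy
SAMPLE_REQUESTS = [
    AccessRequest("alice", "finance-db", "restricted", True,  True,  True,  "GB", time(10, 0),  True),
    AccessRequest("bob",   "finance-db", "restricted", True,  True,  True,  "GB", time(23, 30), True),
    AccessRequest("carol", "finance-db", "restricted", True,  True,  True,  "RU", time(10, 0),  True),
    AccessRequest("dave",  "wiki",       "internal",   False, False, True,  "GB", time(11, 0),  True),
    AccessRequest("erin",  "finance-db", "restricted", False, False, True,  "GB", time(11, 0),  False),
    AccessRequest("frank", "wiki",       "internal",   True,  False, False, "GB", time(11, 0),  True),
    AccessRequest("grace", "finance-db", "restricted", True,  False, True,  "GB", time(11, 0),  True),
    AccessRequest("heidi", "careers",    "public",     False, False, False, "US", time(3, 0),   False),
]


def evaluate_all(requests: List[AccessRequest]) -> Dict[str, str]:
    """Decision per user, the shape a policy test suite would assert on."""
    return {r.user: decide(r)[0] for r in requests}


if __name__ == "__main__":
    for r in SAMPLE_REQUESTS:
        decision, why = decide(r)
        print(f"{r.user:6} {r.resource:11} -> {decision:14} ({'; '.join(why)})")
```

Two design points matter more than the particular thresholds. First, an unmanaged device never gets a plain allow, only an isolated session, which is exactly how VDI, DaaS and clientless ZTNA keep corporate data off BYOD hardware while the session stays visible to the organization. Second, a managed device that fails posture is treated as worse than a clean BYOD device for restricted data, because the organization can fix it (deny and remediate) rather than work around it.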

While zero-trust significantly improves endpoint security, it is not a complete solution on its own. It must be combined with other security strategies to cover the full range of threats: vulnerability management, behavioral analytics, and threat intelligence each address endpoint risks that access control alone does not. Regular patch management closes known software vulnerabilities, for instance, while behavioral analytics flags anomalous activity that may indicate a compromise on a device that passed every access check. Integrating these strategies with zero trust gives a more holistic approach and lets organizations adapt as the threat landscape evolves.

Continuous monitoring and improvement are crucial elements of a zero-trust strategy. Analytics and machine learning over endpoint and identity telemetry can detect suspicious activity and trigger automated responses, such as revoking access or starting remediation on the affected device. Mapping each control to the zero-trust principle it serves, and regularly measuring whether it still does, keeps the security measures effective as the environment changes.


Extending zero-trust principles to endpoints is essential for enhancing workspace security in today’s complex threat landscape. SRM leaders must embrace a comprehensive strategy that integrates various security tools and practices, addressing both managed and unmanaged devices. By combining zero-trust principles with other security strategies and continuously monitoring and improving their security posture, organizations can effectively mitigate risks and safeguard their resources from sophisticated cyber threats.

Niku Patel is a director analyst at Gartner on the Endpoint Security team covering Endpoint Protection Platforms (EPP), specifically Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) technology. Gartner analysts will be exploring digital risk management and strategies for cyber security resilience at the Security & Risk Management Summit 2024 in London, from 23-25 September 2024.
