Extending zero-trust principles to endpoints
In today’s modern workplace, the increasing number of endpoints has greatly expanded the attack surface, creating new security challenges for organizations. Security and risk management (SRM) leaders need to apply zero-trust principles to endpoints to effectively enhance workspace security. This approach goes beyond traditional security measures, focusing on continuous verification and adaptive access control to mitigate risks associated with both managed and unmanaged devices.
Assessing and integrating security systems
Zero-trust is a transformative concept in cybersecurity that replaces implicit trust with explicit verification for every access request, emphasizing continuous risk assessment based on identity and context. However, viewing zero-trust as a single product or technology can lead to implementation failures and increased security risks. It is important to adopt a comprehensive strategy that integrates various security tools and practices.
The first step in extending zero-trust principles to endpoints is to conduct a thorough assessment of existing security systems. This includes creating an inventory of all devices accessing corporate resources, both managed and unmanaged, and auditing the applications installed on these devices. Enforcing built-in security features such as firewalls, access controls, and encryption is crucial for managed devices. Additionally, restricting persistent administrative rights and granting them only when necessary can further reduce risk. This assessment helps organizations understand their current security posture, identify areas for improvement, and align with industry standards.
Integrating different endpoint security and management tools is vital for a strong zero-trust approach. Combining an endpoint protection platform (EPP) with unified endpoint management (UEM) creates a unified endpoint security (UES) system, offering comprehensive visibility and control over managed endpoints. This integration enables continuous risk assessment and adaptive access control, enhancing the ability to mitigate potential threats. Integrating identity and access management (IAM) and security service edge (SSE) tools provides detailed visibility into user and device activities, facilitating more thorough risk assessments and adaptive access controls.
Securing unmanaged devices and continuous improvement
Addressing the security of unmanaged devices is equally important in a zero-trust strategy. As employees and third-party contractors increasingly use personal devices to access corporate applications, it is crucial to include these devices in security policies. Implementing conditional access policies based on contextual factors such as user location, time of access, and device type can restrict access to sensitive data from unfamiliar or untrusted devices. Secure access technologies like virtual desktop infrastructure (VDI), desktop as a service (DaaS), and clientless zero-trust network access (ZTNA) provide secure access to corporate resources, isolating corporate data and applications from unmanaged devices while maintaining visibility and control. Multi-factor authentication (MFA) further enhances security by ensuring that only authenticated users can access corporate resources.
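The conditional access decision described above can be sketched as a small policy function. This is an added example, not code from the article or from any vendor product; the field names, country list, hours and the three outcomes (allow, isolate, deny) are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import time

# Constructed policy values for illustration; they are not from the article.
FAMILIAR_COUNTRIES = {"GB", "DE"}
USUAL_HOURS = (time(7, 0), time(20, 0))
ALLOWED_DEVICE_TYPES = {"laptop", "desktop", "phone"}


@dataclass(frozen=True)
class AccessRequest:
    managed: bool       # enrolled in UEM and reporting posture
    compliant: bool     # firewall on, disk encrypted, no standing admin rights
    device_type: str
    country: str        # geolocated source of the request
    local_time: time
    mfa_passed: bool
    sensitivity: str    # "low" or "high" classification of the resource


def decide(req: AccessRequest) -> tuple[str, list[str]]:
    """Return (decision, reasons); decision is allow, isolate or deny."""
    # Hard requirements: fail closed before weighing any context.
    if not req.mfa_passed:
        return "deny", ["mfa_required"]
    if req.device_type not in ALLOWED_DEVICE_TYPES:
        return "deny", ["device_type_not_allowed"]

    # Contextual risk signals, re-evaluated on every request.
    signals = []
    if not req.managed:
        signals.append("unmanaged_device")
    elif not req.compliant:
        signals.append("managed_but_noncompliant")
    if req.country not in FAMILIAR_COUNTRIES:
        signals.append("unfamiliar_location")
    if not USUAL_HOURS[0] <= req.local_time <= USUAL_HOURS[1]:
        signals.append("outside_usual_hours")

    if not signals:
        return "allow", ["context_ok"]
    # Sensitive data plus stacked risk signals: block outright.
    if req.sensitivity == "high" and len(signals) >= 2:
        return "deny", signals
    # Otherwise broker the session through VDI, DaaS or clientless ZTNA so
    # corporate data never lands on the endpoint.
    return "isolate", signals
```

Returning the list of signals alongside the decision gives the monitoring pipeline a record of why each request was allowed, isolated or blocked.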
While zero-trust significantly boosts endpoint security, it is not a complete solution. Combining zero-trust principles with other security strategies is necessary to address a wide range of threats. Vulnerability management, behavioral analytics, and threat intelligence are essential for mitigating various risks associated with endpoints. For instance, regular patch management addresses software vulnerabilities, while behavioral analytics identifies anomalous behaviors that may indicate potential threats. Integrating these strategies with zero-trust ensures a more holistic approach to security, enabling organizations to adapt to the ever-evolving cyber threat landscape.
Continuous monitoring and improvement are crucial elements of a zero-trust strategy. Leveraging advanced analytics and machine learning to detect suspicious activities and trigger automated responses, such as blocking access or initiating remediation processes, is key. Mapping controls to zero-trust principles and regularly assessing their effectiveness ensures that security measures remain strong and adaptable.
Extending zero-trust principles to endpoints is essential for enhancing workspace security in today’s complex threat landscape. SRM leaders must embrace a comprehensive strategy that integrates various security tools and practices, addressing both managed and unmanaged devices. By combining zero-trust principles with other security strategies and continuously monitoring and improving their security posture, organizations can effectively mitigate risks and safeguard their resources from sophisticated cyber threats.
Niku Patel is a director analyst at Gartner on the Endpoint Security team covering Endpoint Protection Platforms (EPP), specifically Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) technology. Gartner analysts will be exploring digital risk management and strategies for cyber security resilience at the Security & Risk Management Summit 2024 in London, from 23-25 September 2024.