ThinkTWENTY20

Valuable data is sometimes breached in conventional systems, even with strong conventional security structures. This has become a greater problem during pandemic times with greater distribution of systems to accommodate remote work. One solution being used particularly by large organizations is zero trust security. But smaller organizations can use the zero trust concept to improve the security of their systems and their data.

Zero trust looks beyond the idea of perimeter security to establish tight security in all corners of the system. But even at the perimeter it means using multi-factor authentication, such as texting a designated mobile phone with an access code, rather than passwords. It also includes greater use of biometrics, such as face scans for authentication.

But it goes well beyond strengthening the perimeter access to include all segments of the system and all data, including back-up data. The latter has been particularly vulnerable to ransomware attacks and zero trust is a good solution. It means storing the data in areas not available for general access, protected by air gaps, encrypted of course, no administrative logins, and minimum privilege always.  

Some sources to check include:

• https://www.informationweek.com/security-and-risk-strategy/what-is-zero-trust-data-management-
• https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture
• https://www.ibm.com/topics/zero-trust
• https://www.microsoft.com/en-us/security/business/zero-trust
• https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf