How is zero trust implemented when more are working from home?

Top Answer: When everyone is WFH, the last wall has fallen (Jericho, the Great Wall, Berlin, etc.); it is now time to move from "Trust but verify" to "Never trust and always verify". Even before the coronavirus crisis, most organizations had already begun moving critical applications to public cloud SaaS applications which did not require VPN or firewalled internal network access to access them. You now need to verify every access to data. It may be very difficult to implement some of these once everyone has been dispersed, but to move to Zero Trust you need to:

1. Expand the use of easy-to-use multi-factor authentication (such as Duo, MS Azure) everywhere for every application.
2. Use Privilege Account Management (PAM) for privileged access to apps, critical infrastructure and cloud administration.
3. Use UEBA (User & Entity Behavior Analytics) to detect compromised or suspicious user accounts and devices.
4. UEBA & threat intel should then be used to evaluate risks and implement adaptive control.
5. Implement least privilege based on role(s).
6. Audit and log everything you can and use advanced data analytics on the data to detect anomalies.

IT, Educational Services
0 upvotes
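
A sketch of how items 1 to 6 of the answer above could combine into a single per-request access decision. This is an added example, not part of the original answer; the roles, permissions, risk thresholds, MFA age limits and field names are all hypothetical.

```python
import json
from dataclasses import dataclass
from typing import Optional

# All names and numbers below are hypothetical, chosen for illustration.
ROLE_PERMS = {                      # item 5: least privilege by role
    "teacher": {"gradebook:read", "gradebook:write"},
    "cloud-admin": {"cloud:admin"},
}
PRIVILEGED = {"cloud:admin"}        # item 2: only via a PAM-brokered session
STEP_UP_AT, DENY_AT = 40, 80        # items 3-4: assumed UEBA risk scale 0-100
MFA_MAX_AGE_MIN = {"normal": 480, "elevated": 5}
AUDIT_LOG = []                      # item 6: one record per decision

@dataclass
class Request:
    user: str
    role: str
    permission: str
    mfa_age_min: Optional[int]      # minutes since last MFA, None = never
    pam_session: bool
    risk_score: int                 # from UEBA and threat intel

def decide(req: Request) -> str:
    """Return 'allow', 'step_up' (fresh MFA needed) or 'deny'."""
    elevated = req.risk_score >= STEP_UP_AT
    max_age = MFA_MAX_AGE_MIN["elevated" if elevated else "normal"]
    if req.permission not in ROLE_PERMS.get(req.role, set()):
        verdict, reason = "deny", "permission not granted to role"
    elif req.risk_score >= DENY_AT:
        verdict, reason = "deny", "risk score above deny threshold"
    elif req.permission in PRIVILEGED and not req.pam_session:
        verdict, reason = "deny", "privileged access outside PAM"
    elif req.mfa_age_min is None or req.mfa_age_min > max_age:
        verdict, reason = "step_up", "MFA missing or too old for this risk"
    else:
        verdict, reason = "allow", "all checks passed"
    AUDIT_LOG.append(json.dumps({"user": req.user, "role": req.role,
        "permission": req.permission, "risk": req.risk_score,
        "verdict": verdict, "reason": reason}))
    return verdict

if __name__ == "__main__":
    # Constructed sample requests.
    for r in [Request("ana", "teacher", "gradebook:read", 30, False, 10),
              Request("ana", "teacher", "gradebook:read", 30, False, 55),
              Request("ana", "teacher", "cloud:admin", 1, False, 10),
              Request("raj", "cloud-admin", "cloud:admin", 1, False, 5)]:
        print(r.user, r.permission, "->", decide(r))
    print(*AUDIT_LOG, sep="\n")
```

The same user and resource move from allow to step-up purely because the risk score rose, which is the adaptive control described in item 4, and denied requests are logged alongside allowed ones so the analytics in item 6 see both.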