Revisiting ‘Zero Trust’ amid a Pandemic?
A lock with a chain and text overlay.
June 26, 2020

Now that workplaces around the world are – more or less – functioning under some combination of remote work tools, a new set of security challenges has manifested itself. Cybersecurity risks like phishing scams, man-in-the-middle attacks, ransomware, evil twin attacks, passive sniffing, and many more cause even more sleepless nights for IT personnel tasked with maintaining their company’s security. But there might be light at the end of the tunnel with the concept of ‘Zero Trust’.

What is Zero Trust Security?

The Zero Trust concept focuses on the idea that an organization systematically refrains from automatically trusting anything inside or outside its perimeters. It might seem at first like this isn’t a great idea, but it is the foundation on which traditional security and access have been built. With a Zero trust strategy in play, everything must go through a rigorous verification process before any connection to its internal networks and programs can be permitted.

According to Charlie Gero, CTO of Enterprise, and Advanced Projects Group at Akamai Technologies, quoted in a 2018 CSO magazine article: Zero Trust boils down to “do not trust anyone.” In a nutshell, a Zero Trust solution creates “trust zones” that continuously identify, test and authenticate devices or users whenever they try to access resources on the internal company network. In a Zero Trust scenario, a hacker is barred from taking advantage of vulnerabilities.

Zero Trust was created by John Kindervag in 2010 when he was a principal analyst at research firm Forrester Research. Kindervag was part of Forrester’s security and risk team when he developed the Zero Trust model to expose the myth that internal networks were safe. One of Kindervag’s examples of how internal networks were vulnerable was with the American National Security Agency (NSA) whistleblower, Edward Snowden. Snowden had unfettered access to internal systems and stole classified documents, Kindervag said during a security roundtable hosted by Palo Alto Networks. Kindervag currently works for Palo Alto Networks. Snowden, as an IT contractor, did not ‘game’ or cheat the system. He simply used the access the (fundamentally flawed) system granted him.

Besides the Zero Trust strategy’s apparent data protection gains, one of the most significant benefits of the concept is that organizations can provide remote users with protected access to their organization’s applications with confidence. The converse applies equally, too – organizations can shut down access in a similarly efficient way.

An added advantage to Zero Trust is that organizations can significantly reduce the load on the VPN. It also increases the speed and ease of access to data, since Remote Desktop connections slow users down. During this COVID-19 pandemic with so many individuals working remotely, this could be a reliable solution to ease the stress on the system.

Zero Trust Deployment

Zero Trust may sound like an ideal solution during COVID-19 however, it is not an easy solution to implement. Organizations must adjust their IT budgets to accommodate a Zero Trust strategy since their current infrastructure may not be ready for it. A potential weak spot for Zero Trust maybe when a workforce uses personal computer equipment for business. The lack of endpoint security on those devices may trip up a Zero Trust environment. This will inevitably leave workers defenseless against a cyber-attack opening vital data to theft. However, solutions like Mobile Device Management facilitate a greater degree of control and will go some way to achieving a more secure position. These solutions, provided by Microsoft or JAMF, for example,  solve this by automatically managing devices and deploying endpoint protection and encrypting the machines and assessing the devices for conditions of compliance before enabling further access.

Regardless if we’re in the middle of a pandemic or not, it’s never too late to get started formalizing a plan for Zero Trust. Implementing Zero Trust will take time, but organizations should consider starting with isolated trust zones, developing a pilot program, and selecting essential organization applications for remote access. As always, Jolera is here to help our partners on the journey to Zero Trust with our professional services and managed services like Manage IT and Secure IT Endpoint, offering 24/7 security and uptime for an organization’s environment.

You May Also Like…

0 Comments

Submit a Comment

Your email address will not be published.

Solutions to Grow Your Business

We've got you covered with our comprehensive portfolio of solutions.

Cybersecurity Solutions

Cyber Incident ​Response
Endpoint Detection and Response (EDR)
Extended Detection and Response (XDR)
Firewall Security
Mail Security
Penetration Testing Services
Security Baseline Assessment
User Defence
Vulnerability Detection Response
Wi-Fi Security

Backup & Recovery Solutions

Hybrid Backup
Enterprise Backup
Mail Archiving

Helpdesk & Field Services Solutions

Monitoring and Management Solutions

Professional Services & Consulting Solutions

Public and Private Cloud Solutions

Azure Management and Monitoring
Microsoft 365 Administration
Private Cloud
Microsoft CSP

Your Partner in Digital Transformation

Helping the Next Generation of MSP and IT Solution Providers Transform and Grow

businessmans handshake

Partnership Overview

Jolera’s partner program offers flexibility to engage with us on your terms. We have spent more than two decades building award-winning best in class partner enablement and turnkey end-customer solutions for you.

progress

Partner Program

Jolera has three partner programs to choose from: Select, Preferred and Premier.

Learn About Us and The Legacy We Have Created

At Jolera, we treat each MSP partner with specialized care. With more than 20 years of IT experience, we offer the latest technology to navigate cloud, security, endpoint, and storage needs.

vintage pocket watch vintage background concept

About Us

Jolera is widely recognized as a global managed services leader. We started as managed services provider over 20 years ago and have been at the forefront of managed services innovation ever since.

progress

Our People

As a service provider our main goal is to make the customer happy. For that final goal, we need passionate and happy people working with us – Our People Are Our Biggest Asset.

progress

Our Leaders

We are performance driven at the core - tying together best of breed technology and industry leading expertise with pragmatic processes built to deliver outcomes.

Meet Our Leaders!