By Herb Kelsey, Industry CTO – Government, Dell Technologies
Over the past decade, IT security has dramatically shifted focus from securing the “walls” around data centers to grappling with the complex interconnectedness of multiple cloud services, SaaS providers and edge computing. This shift has rendered the traditional network-based security model inadequate, as businesses can no longer rely on a clear perimeter or the ability to control their entire infrastructure.
The legacy paradigm, which allowed organizations to access their networks through virtual private networks (VPNs) and provided extensive freedom within the system, is seeing stress fractures under the weight of modern demands. Two key assumptions underpinning this old model no longer hold true—that businesses can own and command every element of their infrastructure and that they can enforce security policies based on network topology. As a result, organizations find themselves navigating a more nebulous digital environment. Physical data centers may not even exist, and various clouds and edges connect in intricate and unpredictable ways.
Enter the era of Zero Trust: a transformative approach to cybersecurity that eschews the assumptions of the past and embraces the realities of today’s digital landscape. By focusing on securing applications and data rather than network topology, Zero Trust offers a comprehensive and adaptable framework that can better protect organizations from the growing threats they face. With its emphasis on continuous verification and automated enforcement, Zero Trust is poised to redefine IT security for a new generation of businesses operating in an increasingly interconnected world.
Zero Trust use cases for enterprise IT
The escalating prevalence of threats like ransomware attacks, paired with the unique cybersecurity challenges of an increasingly distributed workforce, highlight an urgent need for a new approach. Traditional defenses have failed to keep pace with adversaries who have the freedom to move laterally across networks, often undetected. Despite substantial investments in cybersecurity over the past 30 years, the problem persists—and resources are not infinite. Organizations must find a more efficient and comprehensive solution to addressing these evolving threats.
It’s critical to implement Zero Trust in an end-to-end capacity in order to truly realize its full potential. Here are a few ways in which it functions effectively when integrated correctly:
Blocking unauthorized access. Hackers don’t break in—they log in. Zero Trust can help prevent this by employing multifactor authentication (MFA) to restrict API and user access to systems.
Restricting movement within systems. Once a hacker infiltrates a system, they often fast-track their way to “superuser” status, gaining entry to even more sensitive data. By focusing on privileged access management, which audits and confirms identities across an entire IT ecosystem, Zero Trust offers greater control of access, usage and revocation of privileges. This restricts hackers’ ability to move freely throughout the system if they’re able to penetrate one element.
Limiting the scope of damage. Zero Trust helps reduce the impact of a threat by limiting how much of a system an unauthorized user or malware can affect. Micro-segmentation, in particular, is a useful tactic for isolating system access for specific users, applications and data.
Reducing entry points. In an increasingly distributed/hybrid workforce, Bring Your Own Device (BYOD) environments are becoming more common. If a personal device is compromised, it’s an easy access point for threat actors. Zero Trust’s “comply to connect” protocol means that employees can’t log into sensitive company systems on unsecured networks or while using unsafe devices.
Limiting operational risk. Through automation, Zero Trust emphasizes continuous monitoring, updates and maintenance that ultimately reduces overall operational risk.
Protecting against compromised technology. Zero Trust solutions provide protection by verifying supply chain integrity and using secure component verification. Any server in the system undergoes rigorous, automated testing to ensure no components have been altered or manipulated between manufacture and installation.
Improving response effectiveness. Enterprise IT facilitates millions of transactions across thousands of devices on a weekly basis. By relying on system data to develop artificial intelligence and machine learning (AI/ML) models, an advanced Zero Trust solution can respond more quickly and comprehensively to cyberattacks than humans alone could manage.
Ongoing challenges of Zero Trust
The above benefits are only accessible when an enterprise is able to effectively execute Zero Trust—which is no easy feat. While numerous companies and vendors have produced their own Zero Trust products, there remains a dearth of information on how to modernize existing IT cybersecurity solutions for an enterprise setting. In light of this, Zero Trust implementation is often a hodgepodge process, with dozens of solutions that solve singular problems but few integration options available. Often, the onus falls on the customer to fuse these disparate solutions together.
Zero Trust is a journey, and the destination is a well-defined set of integrated and automated security activities validated by the U.S. government and recognized around the world. The critical component for scaling and end-to-end validated Zero Trust solution for organizations worldwide is a robust partner ecosystem.
Recognizing this need, Dell is keenly focused on building out this ecosystem in the Zero Trust Center of Excellence where it is bringing together 30+ partners and serving as the technology integrator to support customers in their journey. The strength of such an ecosystem lies in its ability to address a major pain point for customers—integrating numerous individual technology and security products. By adopting such a comprehensive approach, businesses can take the first steps toward more resilient, reliable and robust IT security that’s a better fit for the way we do business today.
Click here to learn more about the benefits of Zero Trust. Herb Kelsey will be hosting a session on Zero Trust Demystified at Dell Technologies World 2023. If you are attending, and you need help curating your security experience, Dell’s Security Journey offers a roadmap of essential security discussions.