Partner Content: Making Zero Trust work for your customers

Lookout discuss how in a remote-first work environment, organisations require a modern Zero Trust architecture that is intelligent.

clock • 3 min read
Partner Content: Making Zero Trust work for your customers

The applications and infrastructure used by enterprises is no longer homogenous or confined within office perimeters. The increased reliance on software-as-a-service (SaaS) apps and mobile devices means that users are working from anywhere and accessing enterprise data on unmanaged endpoints and networks. As a result, enterprise data no longer stays within network perimeters but instead flows to wherever it is needed. This is great for productivity but less so for security as the visibility and control security teams use to have have disappeared.                        

VPN is NOT Zero Trust     

Zero Trust security, which is defined as the idea that no user or device can gain access to enterprise resources unless proven to be trustworthy, is not a new concept. Channel solution providers have been talking about it for years. However, the huge increase in the scale of remote working triggered by the pandemic made Zero Trust a marketing tool.  

Examples of security tools that would have been considered part of a Zero Trust architecture a few years ago included domain-based network access control and two-factor authentication. These however became less useful as apps and data move to cloud and users stop going into the office and using corporate-issued personal computers.

Because the pandemic demanded remote working solutions to be scaled up so rapidly, most enterprises fell back on simply extending VPNs because these were already in use for remote working. As problems arise, security tools are tacked onto VPNs.

But this is not a Zero Trust architecture. Regardless of how many third-party solutions you throw at it, if the security check is only done once, it's not enough. Once a user gains access into an enterprise network, they can go pretty much wherever they like, determined of course by access rights and permissions. This opens up a door for attackers to compromise credentials, gain access and move laterally across enterprise networks seeking data to compromise. Criminals are targeting privileged accounts via phishing tactics, easily evading perimeter security measures.

This is why adding further individual security measures onto a VPN is not Zero Trust security.

Zero Trust SASE from Endpoint to Cloud

To ensure that remote and hybrid workers can remain productive without compromising sensitive corporate data, channel partners should position intelligent Zero Trust solutions. Through the integration of endpoint security and secure access service edge (SASE) technologies, organisations can get deep visibility into the risk level that users and the networks and devices they use pose and the sensitivity level of the data they want to access.

Device telemetry is critical because mobiles phones rarely use enterprise controlled networks. Instead, they usually connect via home Wi-Fi or public networks and users are sometimes slow to download OS or app updates that contain security patches.

User behaviour also needs to be continually analysed to detect deviations from the norm indicative of malicious or accidental wrongdoing. For example, if telemetry indicates unusual behaviour from an employee, access to sensitive data can be restricted, extra authentication measures could be enforced or the content itself could be encrypted or redacted. Or the session completely terminated, if needed.

All this needs to be tied to the context — or the sensitivity level of the data the users and devices seek to access. You could lock down access solely based on user and device sensitivity, but it will likely hinder productivity as not every piece of data is highly sensitive.

In a remote-first work environment, organisations require a modern Zero Trust architecture that is intelligent. To make smart access decisions, you need deep and continuous telemetry into users, endpoints, networks, apps and data.

Find out more about how partnering with Lookout to offer SASE solutions can help you enable secure and efficient hybrid working at your customers' organisations.

 

 

This post was funded by Lookout

More on Vendor

Oracle and AT&T extend cloud agreement with new deal

Oracle and AT&T extend cloud agreement with new deal

The move is designed to give new capacity and capabilities for AT&T’s database and application workloads running in Oracle Cloud

clock 12 August 2022 • 1 min read
Cybersecurity vendors team up to form new open-source project

Cybersecurity vendors team up to form new open-source project

It is set to help organisations detect, investigate and stop cyberattacks faster and more effectively

clock 12 August 2022 • 2 min read
Kaseya shakes up auto-renewal process

Kaseya shakes up auto-renewal process

A letter from president and chief customer success officer C.J. Wimley says there is a 'desire' to make some changes

clock 11 August 2022 • 2 min read

Highlights

Staff & Salaries 2022

Staff & Salaries 2022

A snapshot of pay and headcount trends in the UK channel

Doug Woodburn
clock 09 March 2022 • 1 min read
Midwich CEO on Nimans acquisition, 2021 results and return to pre-pandemic levels

Midwich CEO on Nimans acquisition, 2021 results and return to pre-pandemic levels

Stephen Fenby talks to CRN after Midwich’s 2021 results in which profitability exceeded pre-pandemic levels

Josh Budd
clock 08 March 2022 • 3 min read
4 more vendors suspend sales in Russia following Ukraine invasion

4 more vendors suspend sales in Russia following Ukraine invasion

IBM and Microsoft are among a number of vendors which have also announced that they will halt sales in Russia following the invasion of Ukraine.

Dan Bennett
clock 08 March 2022 • 3 min read