Security News

Credential security company Beyond Identity has launched the Zero Trust Authentication initiative for organizations to hack-proof user credentials, with backing from major firms. In an effort to codify just how IT should apply that in practice, companies including Zero Scaler, Optiv, Palo Alto Networks, Crowdstrike and Ping Identity are supporting an initiative led by security firm Beyond Identify to lay out a zero trust architecture to inoculate corporate accounts and credentials against phishing and ransomware, among other threats.

In this interview for TechRepublic, they discussed the challenges businesses face with mobile device management as well as possible solutions. James Maguire: The mobile device management market is pretty hot - it saw about $5 billion worth of revenue last year, and it's growing about 20-25% a year.

While zero trust can be an effective approach to security, it can also present some challenges, particularly when it comes to implementing it for software as a service due to the fast pace of its adoption, distributed ownership of SaaS applications across organizations, and the shared responsibility model between a SaaS vendor and a customer. The traditional approach to SaaS security challenges has been to use a cloud access security broker and/or identity provider to manage access to SaaS applications.

Current cybersecurity practices are woefully unprepared to meet the complexities of modern networks. Cloud services, remote users, personally-owned devices, mobile company assets and other forms of tech regularly move from outside the network in, and a once-safe device can't be assumed to be safe again.

Ernest Hemingway said the best way to find out if you can trust someone is to trust them. "The primary risk addressed by zero trust is to prevent attackers from taking advantage of implicit trust," he said.

IoT remains the biggest hurdle in achieving an effective zero-trust security posture across an organization. In this Help Net Security video, Denny LeCompte, CEO at Portnox, discusses how IoT has been difficult to profile accurately and why zero trust strategies fail when applied to IoT. More about.

From there, design your Desktop as a Service offering using concepts and solutions that implement zero trust network access. Zero trust network access includes technologies that provide secure remote access to applications, desktops, and data based on access control rules.

Microsoft has messed up a zero trust upgrade its service provider partners have been asked to implement for customers. The software giant has long given its partners delegated admin privileges that allow them to administer customers' services or subscriptions on their behalf.

Cloudflare has made its 'Cloudflare One Zero Trust' security suite free to public interest groups, election sites, and state organizations that are currently part of Project Galileo and the Athenian Project. Today, Cloudflare announced that they are enhancing both of these offerings by providing free access to its Cloudflare One Zero Trust security product.

While progress on zero trust is strong, Zscaler found that globally only 22% of organizations are fully confident they are leveraging the full potential of their cloud infrastructure, so while organizations have made solid initial steps on their cloud journey, there is a massive opportunity to capitalize on the benefits of the cloud. "But organizations could be more ambitious. There's an incredible opportunity for IT leaders to educate business decision-makers on zero trust as a high-value business driver, especially as they grapple with providing a new class of hybrid workplace or production environment and reliant on a range of emerging technologies, such as IoT and OT, 5G and even the metaverse. A zero trust platform can redesign business and organizational infrastructure requirements: to become a true business driver that doesn't just enable the hybrid working model employees are demanding, but enables organizations to become fully digitized, benefiting from agility, efficiency and future-proofed infrastructure."