Security News

In this Help Net Security interview, Michal Cizek, CEO at GoodAccess, discusses the crucial balance between leveraging distributed resources and maintaining top-notch security measures. Implementing zero-trust security often means redesigning the access policy from the start.

Credential security company Beyond Identity has launched the Zero Trust Authentication initiative for organizations to hack-proof user credentials, with backing from major firms. In an effort to codify just how IT should apply that in practice, companies including Zero Scaler, Optiv, Palo Alto Networks, Crowdstrike and Ping Identity are supporting an initiative led by security firm Beyond Identify to lay out a zero trust architecture to inoculate corporate accounts and credentials against phishing and ransomware, among other threats.

In this interview for TechRepublic, they discussed the challenges businesses face with mobile device management as well as possible solutions. James Maguire: The mobile device management market is pretty hot - it saw about $5 billion worth of revenue last year, and it's growing about 20-25% a year.

While zero trust can be an effective approach to security, it can also present some challenges, particularly when it comes to implementing it for software as a service due to the fast pace of its adoption, distributed ownership of SaaS applications across organizations, and the shared responsibility model between a SaaS vendor and a customer. The traditional approach to SaaS security challenges has been to use a cloud access security broker and/or identity provider to manage access to SaaS applications.

Current cybersecurity practices are woefully unprepared to meet the complexities of modern networks. Cloud services, remote users, personally-owned devices, mobile company assets and other forms of tech regularly move from outside the network in, and a once-safe device can't be assumed to be safe again.

Ernest Hemingway said the best way to find out if you can trust someone is to trust them. "The primary risk addressed by zero trust is to prevent attackers from taking advantage of implicit trust," he said.

IoT remains the biggest hurdle in achieving an effective zero-trust security posture across an organization. In this Help Net Security video, Denny LeCompte, CEO at Portnox, discusses how IoT has been difficult to profile accurately and why zero trust strategies fail when applied to IoT. More about.

From there, design your Desktop as a Service offering using concepts and solutions that implement zero trust network access. Zero trust network access includes technologies that provide secure remote access to applications, desktops, and data based on access control rules.

Microsoft has messed up a zero trust upgrade its service provider partners have been asked to implement for customers. The software giant has long given its partners delegated admin privileges that allow them to administer customers' services or subscriptions on their behalf.

Cloudflare has made its 'Cloudflare One Zero Trust' security suite free to public interest groups, election sites, and state organizations that are currently part of Project Galileo and the Athenian Project. Today, Cloudflare announced that they are enhancing both of these offerings by providing free access to its Cloudflare One Zero Trust security product.