UXC Saltbush backs zero trust approach to network security
ICT services firm, UXC Saltbush, has called for organisations to change their network security mindset as disruption continues to occur inside corporate networks by considering a zero trust approach.
UXC Saltbush principal consultant, Clem Colman, believes that while managing information security for corporate networks has always been difficult, the ability to meaningfully inspect traffic coming in and out isn’t keeping up with the threats.
“Innovations including web, digital and cloud have accelerated the problem, giving cyber criminals new opportunities to attack,” Colman said.
“The other problem is that users no longer want to live inside the corporate network; they want to access enterprise information and systems from wherever they are using whatever device they have on hand.
“Also, the assets organisations are charged with protecting are also rapidly decamping beyond the castle gates into the cloud. The battleground has moved and the challenge now is making sure organisations have the right capabilities in the right places for the next round.”
According to UXC Saltbush, the challenge to deliver services securely anywhere and anytime means organisations need to decouple network security from network topology.
In other words, the ability to protect assets, information and users can no longer be contingent on them “living inside the fortress”. Instead, the protection needs to go with them to wherever they want to be or where market forces increasingly dictate they need to be.
A conceptual model to help organisations understand how to address this challenge is the zero trust network, UXC Saltbush adds.
The premise of zero trust is that trust should not be assumed between network actors regardless of location, and that protection should be applied to the smallest invisible network actors, such as laptops, smartphones, servers, desktops and storage.
“Zero trust gives organisations a model for addressing the existing security challenges within the fortress: you can’t trust your neighbours just because they live in the trusted zone of the network,” Colman said.
“Zero trust also gives us a model for dealing with users and systems that live outside the fortress because its fundamental principle has universal applicability: every network participant needs to protect itself.”