Securing the Digital World

Recommendations for Zero Trust

Oct 28, 2021 | by SecurID Blog

During Cybersecurity Awareness Month, SecurID will highlight insights and best practices to help all businesses and users do their part to protect themselves, secure remote work, and “#BeCyberSmart.”

In 2020, the pandemic forced a rapid pivot to remote work, and companies around the world had to play catch-up with their cybersecurity initiatives. What many didn't foresee was that this was more than a short-term adaptation. Today, with more than a year of remote work under their belts, increasing numbers of white-collar workers expect to work remotely at least some of the time—from the kitchen table or on the road, on any device they choose.

Because of this change, many organizations are making the shift to permanent remote or hybrid work, where employees are working from outside the traditional security of corporate networks at least part of the time. And while many of these organizations have relied on cloud-based services operating from beyond established network perimeters for years, the mainstreaming of hybrid and remote work has put the need to support—and secure—remote work at the forefront of security concerns.

That shift has pushed security teams to ensure that users can work from anywhere and on any device. But that’s much easier said than done, especially in a hybrid environment: Gartner predicts that by the end of 2021 there will be 25 billion devices connected around the world. And for many of them, traditional security tools no longer offer adequate protection.

In this new world, some employees may never visit an office space and many devices may never touch a corporate resource. IT security teams will find it challenging to trust users and devices when they’re working and connecting from inherently less secure environments: an AT&T survey found that 54% of employees are “regularly using their work device for personal purposes, including sharing work equipment with family members.” The same survey found that more than a third are using their corporate devices to connect to smart home devices, speakers, fitness monitors, lighting, and kitchen appliances.

The upshot is that more connections to more unsecured devices can make it harder than ever to grant and secure appropriate access to corporate networks and resources.

Zero trust is more important than ever

Combine the move to remote work with billions of newly connected devices, and it becomes clear that the era of traditional perimeter security defenses built around internal networks has come to a close. To meet today's access and security demands, many organizations are turning to the concept of zero trust.

At its base, zero trust is about establishing the right level of trust for each user, each time, before granting access. In other words, it’s never wise to assume trust, even inside the network perimeter. And by employing the right zero trust strategy, security leaders can ensure full visibility into both user identity and the entire device landscape—and begin to effectively control the network and dynamically segment and isolate all managed and unmanaged devices.

SecurID: Assembling the key components of zero trust

With these trends in mind, organizations should evaluate the steps they need to take to adopt a zero trust approach. SecurID gives you the identity and access management capabilities to address four key tenets of zero trust:

  • Alignment with NIST. SecurID provides the identity and access management (IAM) components fundamental to working within the NIST zero trust architecture framework, including risk-based analytics and role- and attribute-based access.
  • Dynamic decision-making. Zero trust is more a way of thinking about access than a specific security technology, but you need the right technology to implement it. SecurID risk-based authentication enables the dynamic decision-making you need to continuously establish trust.
  • Capabilities to establish trust. Another key element is the ability to establish the right level of trust before granting access. SecurID supports a range of multi-factor authentication (MFA) methods, along with governance and lifecycle capabilities that lay the foundation for governance-based and visibility-driven access authorization.
  • Integration with identity systems. SecurID integrates with Microsoft Active Directory (AD), cloud-based Azure AD, and Amazon Web Services (AWS) AD to help integrate identities with the policies, administration and methods required by a zero trust architecture.

Put cybersecurity first with SecurID

As we wrap up Cybersecurity Awareness Month, consider how zero trust can play a role in supporting your access environment. SecurID provides a comprehensive set of authentication, identity, governance and lifecycle capabilities to address the identity and access management challenges presented by zero trust. SecurID combines the widest possible array of flexible MFA options with dynamic, risk-driven access policies. SecurID Governance & Lifecycle Cloud helps organizations better manage user access—putting cybersecurity first while reducing identity risk.