Tackling the many (sur)faces of a zero trust security framework

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360

Read Article

By Vijay Jayaraman – Director – System Engineering, India & SAARC, Citrix

For a business to thrive in today’s world, it is critical for it to have innovation and technology at its core. However, it is also important to understand that the more we try to diversify the technology we use and rely on it to carry out work, the more vulnerable we are to external threats and attacks. It is therefore important for every organization to not only use technology to ease processes but also create a robust security framework that safeguards the entire business.

So, what is the best way to protect your business from malicious threats?

Let’s take a look at our own homes. Everyone has a lock on their front door which provides a certain level of security. This security improves significantly once complemented with an alarm and video surveillance system that is capable of tracking movement through the house. But this won’t stop criminals from trying to break a window, deactivate the alarm system or even just monitor your every move to gather any sensitive information. Now, translating this to businesses – a zero-trust network architecture (ZTNA) is an important first step to enhance workplace security. As opposed to a VPN based security system, zero trust adds multiple layers and restricts access to the critical business resources whether they are on premise or on cloud. It employs multi-factor authentication, machine learning-based analysis, and continuous monitoring that ensures optimum security in the network.

However, just implementing this architecture is not enough. In many companies, it has been observed that most vulnerabilities reported are in applications and not in the network. Businesses, therefore, need to take additional steps for a comprehensive strategy that not only understands vulnerabilities in the network but in the applications as well. With applications moving away from being monolithic and progressing towards cloud-based micro service architectures, it becomes important for organizations to focus on in-house applications and on the new public cloud or hybrid cloud-based micro services.

While doing so, emerging technologies like Artificial…