Zero Trust Solutions
The evolving architecture of modern networks and the advancing cyber-threat landscape together demand a new approach on how access is granted to system resources. A fundamental improvement is required over the old security concept of trust being granted to a user substantially based on whether that user’s device is “inside” or “outside” the corporate network. The network perimeter has decayed as a concept, mobile devices have become a norm, cloud architectures have become commonplace, and homeworking has rocketed – even, in some cases, based on private rather than corporate devices (BYOD). The security issues arising from these developments require a fundamental rethink about how access is granted to separate, granular resources, such as applications, files, and other devices, based on deeply enhanced user identity authentication at multiple stages, improved logging and also improved control over privileged user sessions.
Zero Trust is a model for systems and network design which proposes that devices are not to be trusted by default, even if they are within the corporate network. That is, given the complexity of modern networks, as well as the sophistication of modern cyber-attacks, the appearance of a device within the network, eg over a VPN link, is not to be taken as sufficient evidence, on its own, that this device can actually be trusted to have access to certain resources within the network. Instead, the validation of the identity and integrity of the device must be supplemented by secure authentication of the user who is operating the device. Only then is a level of trust granted, for the specific resource access request in hand.
But this is only the beginning of Zero Trust. Because the principle of granting minimum trust can lead to the conclusion that system and network resources must be more finely segmented (“microsegmented”) and controlled in a more granular way, so that a certain authenticated user has only a certain type of access to only certain applications, files, parts of the network, or other network resources. Of course there is nothing new in principle here, but the question of how to match authenticated users on the one hand with various types of microsegmented network and systems resources on the other hand, and how to log all access securely and make that information useful, can be distinctly non-trivial. Here, the quality of the administrative and management tools provided can deeply influence the level of security that is achieved.
It may appear at first sight for many that the design and implementation of Zero Trust as a new overall architecture is an overwhelmingly complex task. However, Titan Data Solutions has gathered together a family of pragmatic solutions that can be rolled out today and that implement Zero Trust principles to solve day-to-day business problems, step-by-step. Generally, these software solutions facilitate and control remote and local access to company resources including data, applications and devices, the running of secure remote sessions and the use of private devices for company business (BYOD). A very specific use case is for control and monitoring of privileged access sessions (PAM – privileged access management).
By implementing Zero Trust solutions for day-to-day business problems, pragmatic and cost-effective steps can be taken on the journey to a safer overall Zero Trust paradigm. In some cases, the Zero Trust solution may enable a significant cost-saving, for example in providing a new way of working that will allow migration to a BYOD policy. Zero Trust then becomes a vision that is achieved on a step-by-step basis, using the new way of thinking at all stages.
How can Titan Help?
Titan Data Solutions has developed a portfolio of Zero Trust software solutions and associated services, including consulting and support, from highly trusted vendors. Titan can help in a reseller’s discussions with end-clients and then, having established the technical problem and the technical environment, introduce pragmatic solutions for consideration and user testing.
Concrete use cases for Zero Trust solutions from Titan include for example: Secure home-working, including BYOD, Secure contractor access, VDI cost reduction, Secure alternative to VPN, Enabling digital transformation projects, Privileged access management
The solutions are always sold through the reseller, with support available from Titan at every stage.