Security is top of mind for CIOs, CISO’s and even CEOs today. Ransomware attacks are happening to companies every day. Even those who think they are prepared are surprised when hackers find a gap somewhere in their security strategy. Despite implementing all kinds of monitoring and anti-virus protection at the network layer, the hackers can still wreak havoc. So, what’s the solution?
We need to turn our security methodology on its head. The current approach to secure the network is to implement VPNs and anti-virus. The thought is if we keep the hackers out of the network, then our data is safe. The problem is that the hackers can find a way through the perimeter, or worse, they are already inside the network. If you assume that your data is safe once somebody is inside the perimeter, you are at risk. This isn’t the best way to protect your data from getting into the wrong hands.
Zero Trust is a methodology based on the premise that all access is a potential threat. All users are verified and authenticated before gaining access to the network, an application, data, or any workload. All user access is segmented, and if you need elevated authority to do a task, that authority should only be granted when you need it and only after you are verified and authenticated as authorized. All data is encrypted from end to end. Monitoring the network and access to sensitive data is critical to mitigating risk and stopping the hackers before they access your data or worse.
There isn’t a step-by-step manual that you can follow to implement Zero Trust. It’s a framework. Your environment and business are unique, and your security is no different. No provider alone can help you achieve Zero Trust. It will take a team approach to get your environment genuinely secure.
Zero Trust focuses on seven key pillars. These pillars offer a comprehensive approach to layered security, which will ultimately provide you with the lowest risk. By reviewing each of these areas and implementing a strategy to ensure you have a good solution is in place, you can better protect your data. Let’s take a closer look at each one of them.
1. User access
It’s critical to ensure that the users accessing your data are who they say they are. It’s also essential that they have the least amount of authority necessary to do their jobs. Implementing identity and access management (IAM) with multi-factor authentification (MFA) and Single Signon (SSO) are ways to be sure only the users you authorize can connect. Every user must have an ID to authenticate. You need to stop allowing the use of shared accounts in this framework.
2. Device Access
It’s not enough to verify that the user is authorized. As we know, passwords are hacked every day. It’s also essential to verify that the device is authorized. Is it coming from a known IP address? Is the device outside of our network? Is this device authenticated?
3. Network security
Network security is one area that security teams have focused on for years. You still need to protect your perimeter from unwanted access using segmentation, anti-virus, encryption of network communications, and monitoring. It’s just that this is no longer sufficient on its own. It’s an essential part of the framework, but not enough on its own to protect your data.
4. Workload security
You should monitor and inventory all of your workloads. It’s also important to secure access to data through exit points and applications. FTP is a great tool, but it can also allow hackers to access your data. With hybrid cloud environments, applications often share data, and it’s important to be sure you know who is accessing your data and how.
5. Infrastructure security
Securing the infrastructure is not a new concept for companies. Ensuring that the hardware, software, and services are available and secure has been happening for many years. This includes the physical security of the infrastructure and keeping software versions current to minimize threats. Companies sometimes neglect software updates, which expose them to vulnerabilities.
6. Data Security
Data is your companies most valuable asset. You need to protect your data wherever it resides, whether it’s on the disks, in transit, or on a backup tape. Data needs to be encrypted from end to end. It’s also critical to restrict access to data to only those who need it. Categorizing your data is also important to understand how valuable it is and what level of restriction is necessary.
7. Monitor Security Process
All security processes need to be monitored, especially access control, segmentation, encryption, and data access. Continuously improving your process controls will help you ensure that all of the above items are working as expected. Implementing segregation of duties between your staff is part of this process, along with software applications to help detect anomalies.
Implementing Zero Trust isn’t a set it and forget it process. You need to continuously assess your controls and identify potential vulnerabilities before something bad happens.
How do I start?
Getting started is often the most challenging part of every new undertaking. Knowing where to begin can be overwhelming and can cause delays in implementation due to inaction. It’s essential to assess your current environment in all of the areas above and start to prioritize your most significant threats. It’s not enough to look at your network and infrastructure security alone. You need to evaluate your uses access, ensure the devices connecting to your network are valid, that data transmissions are secure and that you implement a process to monitor your security.
The IBM i is often the backbone of companies’ critical data. It’s vital to ensure that your IBM i configuration supports your Zero Trust plans. iTech can provide you with an assessment of your IBM i security to help identify potential threats to your critical data. Our team can help you implement the necessary remediation and solutions to achieve your goals.
More from this month:
- BRMS – Omitting Constantly Locked Files
- Shut down those /QIBM shares
- Understanding Storage Options for IBM i
- IBM i Security Resource Page
- iTech iTip Videos
- Sips & Tricks: Coffee with iTech
- iBasics: IBM i Education for the Beginner System Administrator
- iPOWER Hour Episode 36: Log4j2 Vulnerability: Are You Affected?
- Upcoming Events
- iTech Spotlight
- IBM i, FSP, and HMC release levels and PTFs (January 2022)