User geolocation is no longer a reliable way to tell authorized connections from unauthorized ones (cybercriminals). As business digitization evolves, a VPN remains suitable for guarding the point of entry, but it is not sufficient.
One example is the cyberattack on the US Colonial Pipeline, which stemmed from remote access via VPN: cybercriminals obtained the username and password of an external worker.
For this reason, Zero Trust represents a further step in terms of security, both as a complement to and as a replacement for the VPN connection. Zero Trust (distrust of every user) lets us guarantee surveillance at the moment of access and also throughout the connection, once the user is inside the system. The objective is to keep an unknown user from sneaking into our corporate network.
In today’s advice, we remind you of some of the fundamental aspects involved in implementing Zero Trust security in our company or organization:
– Implementation of a double authentication factor: access is not granted by username and password alone. A security code received by other means (application, email, SMS, etc.) is also needed to connect. Zero Trust is very common, especially if you use cloud hosting solutions accessible through the web.
– Application of the principle of least privilege: users only have access to the information that is strictly necessary for the exercise of their functions. This prevents third parties, both workers and unauthorized outsiders, from accessing confidential data restricted to certain areas or positions, even accidentally.
– Continuous authentication of connected users: from time to time the session expires due to inactivity and we must re-enter the access password so that the system recognizes us as authorized users. In addition, apart from the login password, we use additional decryption keys to access certain restricted or strictly confidential information. Thus, under Zero Trust, a cybercriminal who managed to get past the first access barrier to the company's private network would not necessarily reach all the information, and would have to keep breaking new security barriers.
– Monitoring of the use of the network and of the traffic derived from connecting to it: to guarantee that the use is secure and legitimate and that user activity is duly recorded. With this, security systems can detect interference from unauthorized third parties (cybercriminals) who have managed to access the corporate network. In the event of an incident, it is possible to know the steps they have taken, how they evaded the first control and how far they got into the system.
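
The four points above can be combined into a single check that runs on every request, not only at login. The following Python sketch is an added example, not code from the original article; the role map, timeouts and names are assumptions, and a fresh second factor stands in for the additional keys the text mentions for restricted information.

```python
import time
from dataclasses import dataclass
from typing import Optional

IDLE_TIMEOUT = 15 * 60      # assumed: seconds of inactivity before re-authentication
STEP_UP_MAX_AGE = 5 * 60    # assumed: maximum age of the second factor for restricted data
# Assumed role-to-resource map (least privilege): each role lists only what it needs.
ROLE_RESOURCES = {
    "accounting": {"invoices"},
    "hr": {"payroll", "personnel-files"},
}
RESTRICTED = {"payroll"}    # assumed: resources that need a recent second factor

@dataclass
class Session:
    user: str
    role: str
    mfa_at: Optional[float]  # when the second factor was last verified, None if never
    last_seen: float         # time of the last allowed request

audit_log = []  # every decision is recorded so an incident can be reconstructed later

def authorize(s: Session, resource: str, now: Optional[float] = None) -> str:
    """Evaluate one request; a valid login alone is never enough."""
    now = time.time() if now is None else now
    if s.mfa_at is None:
        decision = "deny:mfa-required"
    elif now - s.last_seen > IDLE_TIMEOUT:
        decision = "deny:session-expired"
    elif resource not in ROLE_RESOURCES.get(s.role, set()):
        decision = "deny:not-in-role"
    elif resource in RESTRICTED and now - s.mfa_at > STEP_UP_MAX_AGE:
        decision = "deny:step-up-required"
    else:
        decision = "allow"
        s.last_seen = now    # only allowed activity keeps the session alive
    audit_log.append({"ts": now, "user": s.user, "resource": resource,
                      "decision": decision})
    return decision
```

Denied requests are logged as well as allowed ones, so a stolen password that passes the first barrier still leaves a trail of refused attempts behind it.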
