Intelligent CIO APAC Issue 18 - Page 42

FEATURE : ZERO TRUST
While we ’ ve been hearing about Zero Trust for a few years , it would be a mistake to think of the concept as a typical security solution . Rather than a list of boxes to be ticked off , it is more a mindset guiding each organization down a unique path determined by their individual infrastructure and objectives . It is about forcing attackers into taking more risks .
Key to Zero Trust is the ability to adapt security measures and verify authorization at every point , and there a number of technologies and techniques that can minimize impact to users . Single sign-on ( SSO ), for example , significantly reduces friction because users
ABOUT THE AUTHOR only have to be verified once to gain access to different systems and information . However , it is important that passwords are not the only security controls .
PAM and EPM provide strong controls
Strong privilege controls are a vital element in reducing risk . A comprehensive Privileged Access Management ( PAM ) solution allows organizations to adopt the principle of least privilege , so that users can only access the data and applications they need . In particular , PAM controls the privileges of admin accounts which adversaries target to gain full access to systems . It also controls access to valuable or sensitive information by privileged users who are targets for cybercriminals .
Joseph Carson is the Chief Security Scientist and Advisory CISO for ThycoticCentrify , a leading provider of cloud identity security solutions formed by the merger of privileged access management ( PAM ) leaders Thycotic and Centrify . Carson , has over 25 years ’ experience in enterprise security , is the author of Privileged Account Management for Dummies and Cybersecurity for Dummies , and is a cybersecurity professional and ethical hacker . He is a cybersecurity advisor to several governments and the critical infrastructure , financial and transportation industries .
Endpoint privilege management ( EPM ) is an important tool that addresses risks associated with local admin access exploited by ransomware and other threats . EPM combines application control and PAM so only trusted , known applications can be run on user devices . It allows security to be adaptive and evolve to address new threats as opposed to relying on usernames and passwords and trusting users to always do the right thing .
Multi-factor authentication ( MFA ) is also an effective way to enforce adaptive authentication and has become very user-friendly in recent years thanks to biometrics . When users act suspiciously , such as
42 INTELLIGENTCIO APAC www . intelligentcio . com