Nowadays, Zero Trust is the most promising cybersecurity approach, based on a simple but powerful concept “Never trust, always verify”. This security model assumes that no user or device can be trusted by default, therefore all access to resources is restricted, and users must authenticate and authorize themselves before they are granted access.
As Romania is not exempt from the cybercrime wave that floods the global economy, Datanet Systems and Cisco offer organizations the technology, consultancy, and services needed to develop a modern Zero Trust architecture.
Why is Zero Trust important?
In today’s digitalization, mobility, and remote work expansion, defending a large perimeter has become challenging for organizations. Traditional solutions have already proven inefficient, and security teams are desperately looking for help.
“In the past, defining the network infrastructure’s perimeter was easy, and all those within the network were considered trusted and protected by a firewall, from outsiders. However, nowadays, this traditional approach falls short. The mediaconstantly reports on alarming incidents such as ransomware attacks, data theft, and compromised IT infrastructure. As the global cyber environment becomes increasingly complex, the challenges facing organizations grow in sophistication. In recent years, we have witnessed a surge in high-profile cyberattacks, targeting both public and private sectors, with attack volumes reaching over 100% growth since the onset of the Ukrainian war. These attacks have highlighted the need for organizations to adopt a more resilient and secure IT strategy,” states Faruk Hairedin, Business Development Director la Datanet Systems.
What is Zero Trust in non-tech terms?
Zero Trust is a security model based on the principle of least privilege. This means that users and devices are only granted the access they need to perform their jobs and no more. Zero Trust also assumes that no user or device can be trusted by default and that all access to resources must be authenticated and authorized.
“These days, organizations heavily invest in securing networks and company systems, so breaching the firewall that protects the company’s critical resources is highly changeling. However, it has become extremely easy to hack a user account, which leads to credential theft and enables more extensive attacks. Through social engineering or AI-based phishing schemes, users often fall into traps, becoming the weakest link in the security chain”, considers Faruk Hairedin.
In a traditional security architecture, trust is automatically granted through access authentication, which allows attackers to move freely once they infiltrate the systems via a compromised account. Zero Trust, however, grants trust to each activity, blocking lateral movements and securing all resources, including the cloud, hybrid environment, remote work endpoints, and BYOD.
“The novelty brought by Zero-Trust, as the name implies, revolves around the concept of ‘implicit distrust.’ Even a legitimate user, using a company-managed device and connected to a workplace’s network, will no longer have automatic access to the company’s resources and data. First of all, they will have to prove their trustworthiness. Depending on the level of trust verified, they will only receive access to the specific applications necessary, and their network activities will be continuously monitored. Should any event diminish the user’s trust level, their network access will be automatically restricted”, mentioned Faruk Hairedin.
There are four main functions of Zero Trust:
- Identity and access management (IAM): This function is responsible for identifying and authenticating users and devices before they are granted access to resources.
- Micro-segmentation: This function is responsible for dividing the network into small, isolated segments. This makes it more difficult for attackers to move laterally through the network if they gain access to one segment.
- Continuous monitoring: This function is responsible for monitoring all network traffic for suspicious activity. This helps to identify and respond to attacks quickly.
- Threat intelligence: This function is responsible for collecting and analyzing threat intelligence data. This data can be used to identify and mitigate emerging threats.
What does Datanet Systems offer in terms of Zero Trust?
As the main Cisco partner in Romania, Datanet Systems offers a solution based on the Cisco Zero Trust framework, an approach that secures endpoints, cloud services, networks, and applications.
“We, at Datanet, take into account all three pillars of Zero-Trust, prioritizing the users and their devices, protecting private and cloud infrastructure, and securingapplications and data. By building upon our clients’ existing infrastructure, we integrate our comprehensive vision of security architecture, defining the business flows we aim to protect. After that, we identify potential attack vectors and outline the attack surface. Finally, we select the necessary security solutions to counter all threats that may affect these specific business flows. Our commitment to security at Datanet ensures that our clients’ assets and data are protected with a Zero Trust approach”, explains Faruk Hairedin.
For that, Datanet Systems integrates an extensive set of solutions that includes:
- Cisco Duo, a user-centric zero-trust security platform with two-factor authentication to protect access to sensitive data for all users and devices.
- Secure Endpoint, a solution that offers advanced endpoint protection across control points, enabling your business to stay resilient.
- Cisco Identity Services Engine (ISE): ISE is a comprehensive IAM solution that can help organizations identify and authenticate users and devices before they are granted access to resources.
- Cisco Secure Access Service Edge (SASE): SASE is a cloud-based solution that combines networking, security, and cloud access services. SASE can help organizations implement Zero Trust by providing secure access to resources from anywhere, at any time.
- Cisco Secure Workload (SW): SW is a cloud-based solution that provides micro-segmentation for cloud workloads. SW can help organizations protect their cloud workloads from attack by isolating them from each other.
Another important component in the Zero Trust architecture built on Cisco technology is SecureX. The SecureX platform collects data from all Cisco solutions and, through correlation with other threat-hunting and intelligence data, understands and contextualizes the actions of each user. Available with the purchase of any Cisco product.
“Zero Trust is gaining increasing importance as a security model, given the ever-evolving cyber threat landscape. Its effectiveness in tackling current challenges is generating growing interest in this approach for the years ahead. It is estimated that by 2025, 60% of organizations worldwide will adopt a Zero Trust strategy. However, this adoption will take time, as it requires a long-term vision, concerted efforts at the organizational level, phased objectives based on priorities and available resources, and a shift in mindset.
At Datanet Systems, we offer comprehensive end-to-end support to organizations implementing Zero Trust and improving their security posture, effectively protecting data from potential attacks. While each client’s business flows are unique, we skilfully address their specific needs by combining a powerful security solutions portfolio with the expertise of our engineers. With our holistic approach, we ensure successful outcomes for any market request“, concludes Faruk Hairedin, Business Development Director la Datanet Systems.
______________________
Note: Article published in Business Review – here.