As we progress technologically, like AI /Digital Transformation / Zero Trust Network, there is much need to secure the data. Data is everything in the current scenario much more valuable than gold and oil. Cybercriminals always seem to be a step ahead of us using the best technologies to their advantage, they can alter messages in real time. Cybersecurity has become a challenge holistically, so we need to stick to the basics and create more awareness among all stakeholders, ensure appropriate defense mechanisms, adopt resilient processes.
Zero Trust literally means not to believe in anyone, but technically it is securing your perimeters, protecting the boundaries of your network from any unauthorized access and potential threats. In today’s threat landscape we require continuous verification, deploy MFA, regular monitoring of endpoints, least privilege access and segmentation of the network – measures for continual improvement.
With AI we are preparing models to combat cybercriminals but social engineering, phishing techniques, faking impersonation has reached a different level of sophistication. In this scenario, Threat Intelligence Analysis needs to gain prominence for monitoring and prepare preventive measures for any organization. Implementing Zero Trust is a step forward in securing access control with continuous verification for any user to your network and its applications / services deployed within.
Organizations need to move to a Zero Trust network. First and foremost, the requirement is to remove all LAN cables and switch to a complete Wi-Fi-Network. This should ensure if any user with new device or BYOD users need to inform IT for connectivity. IT can check the role of the user / vendor / client and connect to the specific SSID already configured.
Some basic steps we can perform to protect our data in cloud / hybrid mode.
- The customer on the internet needs to connect to a ZeroTrust VPN.
- This VPN is bound to the application virtual private cloud.
- The virtual private cloud should have different network load balancers (test NLB, development NLB, production NLB)
- The load balancers connect you to the applications in a private subnet and the data in another private subnet.
- To ensure latency issue is taken care of there can be multiple private subnets for both applications and data in different zones and they should be replicated in real time.
- There should be regular backups / snapshots of the application, database as well as BLOB storage if any.
- Regular backups ensure minimum loss of data in case of any failover
- Also, when you perform backups, these should be restored at a regular interval to check the results.
Additional measures like maintaining user databases in Active directories and performing SSO for the applications should be a good practice.
At TCGDigital, our developers use tools which follow secure coding using DAST / SAST. We are leveraging multi-factor authentication (MFA) by implementing SSO to access applications. Using the TCG Digital AI platform, tcgmcube, security logs are ingested in real-time to generate Threat Intelligence Analysis, perform Configuration Management, and prepare a resilient, secured network.
in my opinion, the emphasis should be on endpoint security, emails, portal and removable media. There should be advanced security protection, monitoring solutions implemented to safeguard and protect sensitive data thereby combating emerging and evolving cyber threats. You have entered the premises earlier, but please authenticate before entering the premises again – this level of attitude your security framework should maintain to achieve Zero Trust.
Comments