Security resilience requires sturdy, user-friendly defenses
The idea of zero belief isn’t a brand new one, and a few might even argue that the time period is overused. In actuality, nonetheless, its criticality is rising with every passing day. Why? Because lots of at this time’s assaults start with the person. According to Verizon’s Data Breach Investigations Report, 82% of breaches contain the human ingredient — whether or not it’s stolen credentials, phishing, misuse or error.
Additionally, at this time’s companies are hyper-connected, which means that — along with your workers — prospects, companions and suppliers are all a part of your ecosystem. Couple that with hybrid work, IoT, the transfer to the cloud, and extra emboldened attackers, and organizational danger will increase exponentially.
Adopting a zero belief mannequin can dramatically cut back this danger by eliminating implicit belief. It has turn out to be so essential, in truth, that a number of governments together with the U.S., UK and Australia have launched mandates and steering for the way organizations ought to deploy zero belief to enhance nationwide safety.
However, as a result of zero belief is extra of an idea than a expertise, and so many distributors use the time period, organizations wrestle with one of the simplest ways to implement it. At Cisco, we imagine it is best to take a holistic method to zero belief, beginning with what you could have and including on as you establish gaps in your defenses. And whereas layers of safety are crucial for highly effective safety, so is ease of use.
Strengthen safety resilience with zero belief
Zero belief performs a significant position in constructing safety resilience, or the flexibility to resist unpredictable threats or modifications and emerge stronger. Through zero belief, the identification and safety posture of customers, gadgets and functions are repeatedly checked and verified to stop community intrusions — and to additionally restrict impression if an unauthorized entity does acquire entry.
Organizations with excessive zero belief maturity are twice as prone to obtain enterprise resilience.
– Cisco’s Guide to Zero Trust Maturity
Eliminating belief, nonetheless, doesn’t actually conjure up pictures of user-friendly expertise. No matter how crucial they’re for the enterprise, workers are unlikely to embrace safety measures that make their jobs extra cumbersome and time-consuming. Instead, they need quick, constant entry to any utility regardless of the place they’re or which machine they’re utilizing.
That’s why Cisco is taking a distinct method to zero belief — one which removes friction for the person. For instance, with Cisco Secure Access by Duo, organizations can present these connecting to their community with a number of fast, simple authentication choices. This approach, they will put in place multi-factor authentication (MFA) that frustrates attackers, not customers.
Enable seamless, safe entry
Cisco Secure Access by Duo is a key pillar of zero belief safety, offering industry-leading options for safe entry, authentication and machine monitoring. Duo is customizable, easy to make use of, and easy to arrange. It permits using trendy authentication strategies together with biometrics, passwordless and single sign-on (SSO) to assist organizations advance zero belief with out sacrificing person expertise. Duo additionally supplies the pliability organizations have to allow safe distant entry with or with no VPN connection.
During Cisco’s personal roll-out of Duo to over 100,000 folks, lower than 1% of customers contacted the assistance desk for help. On an annual foundation, Duo is saving Cisco $3.4 million in worker productiveness and $500,000 in IT assist desk help prices. Furthermore, 86,000 potential compromises are averted by Duo every month.
Protect your hybrid work atmosphere
La-Z-Boy, one of many world’s main residential furnishings producers, additionally needed to defend its workers in opposition to cybersecurity breaches via MFA and 0 belief. It wanted a knowledge safety resolution that labored agnostically, may develop with the corporate, and that was simple to roll out and implement.
“When COVID first hit and people were sent home to work remotely, we started seeing more hacking activity…” mentioned Craig Vincent, director of IT infrastructure and operations at La-Z-Boy. “We were looking for opportunities to secure our environment with a second factor…. We knew that even post-pandemic we would need a hybrid solution.”
“It was very quick and easy to see where Duo fit into our environment quite well, and worked with any application or legacy app, while deploying quickly.” – Craig Vincent, Director of IT Infrastructure and Operations, La-Z-Boy
Today, Duo helps La-Z-Boy keep a zero belief framework, keep compliant, and get clear visibility into what’s connecting to its community and VPN. Zero belief helps La-Z-Boy safe its group in opposition to threats equivalent to phishing, stolen credentials and out-of-date gadgets which may be susceptible to identified exploits and malware.
Build a complete zero belief framework
As talked about, zero belief is a framework, not a single product or expertise. For zero belief to be really efficient, it should do 4 issues:
- Establish belief for customers, gadgets and functions attempting to entry an atmosphere
- Enforce trust-based entry primarily based on the precept of least privilege, solely granting entry to functions and information that customers/gadgets explicitly want
- Continuously confirm belief to detect any change in danger even after preliminary entry is granted
- Respond to modifications in belief by investigating and orchestrating response to potential incidents
Many expertise corporations might supply a single part of zero belief, or one facet of safety, however Cisco’s strong networking and safety experience permits us to offer a holistic zero belief resolution. Not solely can we help all of the steps above, however we are able to achieve this throughout your entire IT ecosystem.
Modern organizations are working multi-environment ecosystems that embody a mixture of on-premises and cloud applied sciences from varied distributors. Zero belief options ought to have the ability to defend throughout all this infrastructure, regardless of which suppliers are in use. Protections also needs to prolong from the community and cloud to customers, gadgets, functions and information. With Cisco’s intensive safety portfolio, working on a number of clouds and platforms, zero belief controls may be embedded at each layer.
Map your path to zero belief
Depending on the place you’re in your safety journey, embedding zero belief at each layer of your infrastructure might sound like a lofty endeavor. That’s why we meet prospects the place they’re on their path to zero belief. Whether your first precedence is to satisfy regulatory necessities, safe hybrid work, defend the cloud, or one thing else, now we have the experience that can assist you get began. We present clear steering and applied sciences for zero belief safety mapped to established frameworks from organizations like CISA and NIST.
Much of our Cisco Secure portfolio can be utilized to construct a profitable zero belief framework, however some examples of what we provide embody:
- Frictionless, safe entry for customers, gadgets and functions via Cisco Duo
- Flexible cloud safety via Cisco Umbrella
- Protected community connections and segmentation with the Cisco Identity Services Engine (ISE)
- Application visibility and micro-segmentation by way of Cisco Secure Workload
- Expert steering from the Cisco Zero Trust Strategy Service
All of our applied sciences and companies are backed by the unparalleled intelligence of Cisco Talos — so that you at all times have up-to-date safety as you construct your zero belief structure. Additionally, our open, built-in safety platform — Cisco SecureX — makes it easy to increase and scale your safety controls, figuring out they’ll work along with your different applied sciences for extra unified defenses.
Enhance safety with an built-in platform
As Italy’s main insurance coverage firm, Sara Assicurazioni requires full visibility into its prolonged community, together with a multi-cloud structure and hybrid workforce. The firm has adopted a complete zero belief technique via Cisco Secure.
“Our decentralized users, endpoints, and cloud-based servers and workloads contribute to a large attack surface,” says Paolo Perrucci, director of data and communications expertise architectures and operations at Sara Assicurazioni. “With Cisco, we have the right level of visibility on this surface.”
“The main reason we chose Cisco is that only Cisco can offer a global security solution rather than covering one specific point…. Thanks to Cisco Secure, I’m quite confident that our security posture is now many times better because we are leveraging more scalable, state-of-the-art security solutions.” – Luigi Vassallo, COO & CTO, Sara Assicurazioni
Expand your zero belief technique
To be taught extra, discover our zero belief web page and join certainly one of our free zero belief workshops.
Watch video: How Cisco carried out zero belief in simply 5 months
We’d love to listen to what you assume. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Instagram
Facebook
Twitter
LinkedIn
Share: