Home Security Warning: Old security models failing to cope with rise and frequency of data breaches

Warning: Old security models failing to cope with rise and frequency of data breaches

Global security solutions and identity services vendor Centrify has warned that the increasing size and frequency of data breaches clearly demonstrates that old security models based on protecting network perimeters are failing both businesses and consumers.

Releasing its so-called Zero Trust approach to security, Centrify says this approach assumes that everything — users, endpoints, resources — is untrusted and always must be verified to decrease the chance of a major data breach.

Centrify accompanies its warning with a note that the problem with old security models is a “significant lesson” for Australia with its mandatory data breach notification law taking effect from February next year.

According to Centrify chief product officer Bill Mann, Zero Trust is the right approach to security today due to the porous network perimeter created by the rise of remote workers, BYOD devices and cloud resources.

“The modern hybrid enterprise must adopt a Zero Trust security model,” he said.

“Zero Trust is based on the motto of ‘never trust, always verify’, which assumes that internal networks can no longer be relied upon as a way of protecting enterprise resources and that users and devices within a network are no more trustworthy than users and devices outside of the network.

“Remote employees on BYOD devices accessing SaaS applications are as common today as someone sitting at their workstation inside the office. Centrify is committed to helping its customers embrace this reality by moving towards a Zero Trust security model where all access is authenticated, authorised and encrypted – with identity at the centre.”

According to Centrify, customers increasingly recognise that older, network-centric security approaches no longer apply, and today’s hybrid enterprise requires more application-centred models, with access grounded in identity.

Mann explains how Zero Trust delivers benefits including:

  •     Identity Assurance, which evaluates the security posture of a user based on location, device and behaviour to determine users are who they say they are;
  •     Trusted Endpoints, which only allow access to corporate resources from trusted endpoints, whether it’s a corporate owned, BYOD or public desktop, laptop or mobile device;
  •     Conditional Access, which grants just-in-time access to specific applications and infrastructure for a limited timeframe to users with a confirmed identity and who are using a trusted endpoint when logging in; and
  •     Least Privilege, where just enough privilege is granted, just in time to perform the needed operations and lateral movement is limited.

And Mann says major innovations amplify the need for Zero Trust networks, such as machine learning, move to ephemeral servers, adoption of microservices and security convergence, and claiming that to further Centrify’s move towards a Zero Trust security model, it has joined the FIDO (Fast IDentity Online) Alliance and strengthened its integration with Yubico.

“As co-creator of the FIDO U2F standard, Yubico believes that secure, easy-to-use and scalable authentication should be available to everyone,” said Jerrod Chong, vice-president of Product at Yubico.

“Centrify shares our mission to bring greater security and convenience to the enterprise. By adding FIDO U2F support, Centrify has the most complete set of YubiKey integrations available from a technology partner.”

LEARN HOW TO BE A SUCCESSFUL MVNO

Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service

DOWNLOAD NOW!

Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).