The future holds endless possibilities. The next great moment, widget or experience is just around the corner. In cybersecurity, we have heard promises for a better future for decades. Different product categories have come (and, in some cases, gone). Many products were merely features and not a solution to a fundamental problem.
Marketing campaigns paint a picture that one solution fixes all your problems. The reality is there is no magic solution. One product isn't going to protect against phishing, malware, ransomware, lost or stolen devices, accidental sharing, malicious insiders, misconfigured permissions and secure collaboration.
What the industry has been aiming for is a zero-trust solution. To implement zero trust, you need to have control over authentication, network, device and data. Today you can achieve control over authentication, device and network, but there is no control over data.
Once a user authenticates their identity, device and network, how do organizations protect data the user downloads from their SaaS solutions, like finance, human resources, sales or even software source code? Organizations need to add control over their data to achieve zero trust.
Authentication occurs over many protocols, but one of the most popular today is security assertion markup language (SAML). SAML centralizes identity and access management across cloud and endpoint. Identification must be managed centrally for all access control. Managing multiple authentication systems leads to data breaches, such as misconfigured authentication to cloud applications.
Achieve device control via mobile device management (MDM) and endpoint detection and response (EDR). MDM enforces that endpoints have a proper security posture, ensuring EDR and DASB installation. Administer the posture before the device gains access to cloud solutions such as Salesforce, Workday, GitHub or QuickBooks. Without a standard baseline security posture, a computer that downloads sensitive data may be at risk or may already be compromised. EDR will maintain security on the device and protects for malware, antivirus, key loggers and suspicious insider behavior. EDR can automatically monitor and disable suspicious devices and block the device and user from accessing any sensitive data based on historical usage profiles. An EDR is not looking for a specific risk signature but is looking for suspicious or unexpected behavior.
Transport layer security (TLS) ensures network control. TLS has replaced the secure sockets layer (SSL). The combination of MDM and SAML can ensure a device is connecting from a secure network location before accessing sensitive cloud data.
Read the full article here