With work-from-home (and what will probably evolve into hybrid) work environments increasing, coupled with recent attacks on remote working systems, new approaches are required. This brings Zero Trust back into the spotlight. The main idea behind Zero Trust is that networked devices, like laptops, should not be trusted by default. This applies even where they are connected to a managed corporate network.
According to Tarun Desikan, Banyan Security COO & Co-founder, the vulnerabilities around many remote working systems show the importance of the Zero Trust approach. This type of approach can be used by employees, developers, and third parties to work from anywhere and access corporate data without relying on network-centric solutions like VPNs.
Tarun Desikan considers a real-life case from the U.S.: “With Congresswoman Nancy Pelosi’s laptop being stolen recently, device loss has been on the minds of security folks.” (Riley Williams has been accused of taking part in the Capitol riot and stealing Nancy Pelosi’s laptop).
In terms of what can be done, Desikan says: “Full disk encryption and well-chosen passwords help.” However, more can be done.
Desikan explains that “When a laptop is stolen, thieves don’t just get the data on the device itself, they often get the keys to anything that device and its user’s credentials had access to. That’s why zero trust is such an important concept in cybersecurity.”
With Zero Trust, every attempted access is subject to strong authentication. In addition, the accessing device is checked to confirm that it is authorized to access the resource.
By Zero Trust, Desikan means: “The ‘Trust no one’ approach, including not trusting users or devices even though they are within a network or have been trustworthy before. I sleep better at night knowing that our Zero Trust system allows me to invalidate a device’s certificate upon loss or theft, rendering it unable to connect to any of my organization’s resources, regardless of what credentials a bad guy has.”
Desikan concludes, simply and to the point: “That’s powerful. That’s ‘device trust’.”