* This is sponsored content.
Office, branches, professionals working from home … The new coronavirus (SARS-CoV2) pandemic has messed up the lives of information security experts. The perimeter of the network was broken once and for all with the need to ensure remote access for employees – spread across the city, the country or even the world – to corporate assets in a safe way. At the same time, cyber threats are becoming increasingly sophisticated and difficult to detect. So, how is it?
You must have heard of zero trust by now. It is not a technology, but a framework (that is, a working model defined by a specific approach) that is based on the premise that no one should ever be trusted, whether that individual is inside or outside their corporate environment. Here, as “corporate environment”, we refer to your systems and infrastructure in the cloud, for example.
The question is simple. With the breakdown of the perimeter and the sophistication of cyber threats, it is unwise, at present, to rely on a simple combination of login and password. Credentials can be stolen and a malicious agent can impersonate your remote employee, gaining access to privileged information. One of the pillars of the framework is based on a constant verification of that identity.
This is done through behavioral and intelligent analysis, in addition to applications of access filters, well-defined privileges and segmentations of everything that is in your corporate network. The less privileges a collaborator has, the less the chance of a data leak if his credential is compromised. Furthermore, we can identify a criminal by looking at how he acts within the zero trust environment.
Another recurring problem for companies today is the Internet of Things (IoT) market. It is difficult for security professionals to have visibility into the devices connected to their network, especially in times of remote work. A simple sensor can hide an attacker or malware that, if not quickly identified, can cause irreversible damage.
Aruba ESP: zero trust for the Edge
To facilitate the resolution of all these problems, Aruba – a Hewlett Packard Enterprise company – offers the Aruba ESP, an integrated platform that adopts the zero trust framework to protect companies in this new normal. The solution is based, in principle, on solving three problems that professionals face today.
The first, of course, is to understand exactly what is part of your network, which includes all computers, smartphones, peripherals and an increasing range of IoT devices. All thanks to the Aruba ClearPass Device Insight. Then, the concept of “Less Access” is adopted, defining strict policies that authorize access only to devices, assets and applications that are needed at the appropriate time. ClearPass Policy Manager is responsible for this intelligent management.
It is interesting to mention that Policy Manager can also be integrated with hundreds of solutions that your company already uses, including endpoint security software and VPNs. Finally, the zero trust framework is guaranteed through the segmentation of devices (which remain “separate” within the network according to the need) and a control of privileges for userss. In total, Policy Manager integrates with more than 150 solutions on the market, being flexible enough for you to create your own policies and rules as needed.
The Aruba ESP is the first unified zero trust platform that uses artificial intelligence to automate and facilitate work to ensure that such a framework is applied uniformly in all information security processes. Find out more about how the solution is able to help your business stay protected against the new threats of this new normal.
See the original post at: https://thehack.com.br/zero-trust-proteger-sua-empresa-e-nao-confiar-em-ninguem/?rand=48873