start portlet menu bar

HCLSoftware: Fueling the Digital+ Economy

Display portlet menu
end portlet menu bar
start portlet menu bar end portlet menu bar
Close
Select Page
Automation
  | February 6, 2023

Zero Trust Security: How To Get Your Endpoints Ready

Dan Wolff
Dan Wolff
Director of Solutions and Product Marketing for BigFix
Zero Trust Security: How To Get Your Endpoints Ready

The attacks that exploited the Log4J vulnerability illustrated that malicious actors work quickly to find new ways of compromising organizations. This trend has been growing for several years, making it clear that organizations need to detect and respond to threats much faster than traditional, perimeter-based approaches allow. That’s why both the government and the private sectors have been embracing the paradigm shift to Zero Trust security.

Zero Trust—the idea of “never trust, always verify”—is a growing practice across all sectors. In 2022, 41% of surveyed organizations said they’ve deployed Zero Trust security, compared to 35% the year before.While the new mandates to shift toward a Zero Trust architecture are specific to federal agencies, private enterprises should also strongly consider integrating this approach into their cybersecurity strategies. A Zero Trust policy can help them ensure compliance with various other mandates, such as HIPAA and GDPR, as well as strengthen security overall.

The Core Tenets of a Zero Trust Architecture

The basic premise of Zero Trust security is that no device, identity, or connection request should be trusted implicitly. Although there are many ways of implementing a Zero Trust architecture, in 2022 the National Institute of Standards and Technology (NIST) outlines seven basic tenets:

  • All-encompassing resources: Zero Trust considers all data sources and computing services as resources—not only traditional systems such as endpoints that connect to the network but also resources such as dynamic cloud computing services.
  • Secured communication: You can’t trust a connection request just because it’s coming from inside the perimeter. All requests, regardless of location, need to meet the same authentication requirements.
  • Session-based access: Trust must be established each time before access is granted to a resource, which means that trust can only be valid for one session.
  • Attribute-based policy enforcement: You need to set up policies based on attributes such as behavior, location, environment, etc.—and these dynamic policies are used to determine resource access.
  • Monitoring and measuring asset integrity and security posture: When evaluating a connection request, you must first evaluate the security posture of the asset. To achieve this, you need a robust monitoring and reporting system for endpoints and other systems.
  • Dynamic authentication and authorization: In today’s dynamic environment, reevaluating trust and granting access is an ongoing process.
  • Data collection: Your organization needs to collect data about the state of the network and communications—such as device posture, network traffic, and access requests—and use that information to continuously improve security posture.

Monitoring the State of Your Assets

Adhering to NIST’s tenet of measuring the posture of all owned and associated assets requires implementing a system for continuous diagnosis and monitoring (CDM). This system allows you to secure endpoints by proactively discovering those that have vulnerabilities, are compromised, or are not managed by your enterprise—so you can treat their access to resources differently and quickly mitigate vulnerabilities.

The right endpoint solution should deliver capabilities such as:

  • Providing visibility into all your endpoints
  • Automatically collecting data about the current state of your assets, network infrastructure, and communications
  • Applying updates to configurations and software components
  • Instantly changing access policies and closing endpoints while also distinguishing between internal and external devices
  • Closing vulnerabilities before malicious actors can exploit them during an attack
  • Reporting data to help maintain compliance with industry-specific regulations and policy requirements

Consider the Log4J example. Within a few days of the zero-day vulnerability being reported, Chinese state-backed attackers and other hackers launched more than 840,000 attacks, according to media reports. BigFix provided a way of disabling the exploitation within 24 hours by directly manipulating the metadata of the services using the Log4J java logging library—and quickly rolled out patches for affected apps. This is just one example of how having visibility into your endpoints and continuously monitoring them with the right endpoint security management software can help you implement a stronger Zero Trust Architecture.

Implementing the Zero Trust Tenets

NIST describes its Zero Trust tenets as “the ideal goal”—you may not implement each of them fully depending on your strategy. Zero Trust is not an “all or nothing” approach. Most organizations implement the principles incrementally and in several technology refresh cycles.

That said, the ability to identify and manage devices is critical to a successful implementation of a Zero Trust Architecture. As NIST explains it, simply cataloging your assets is not enough—you must have a process for observing the state of devices, monitoring and managing configurations, and identifying risks (such as vulnerabilities) before granting access requests. Implementing a solution that allows you to do these things seamlessly, effectively, and ideally all in one tool is a good place to start your Zero Trust journey.

Want to learn more about ways your organization can use Zero Trust to meet security compliance?

Watch our video and download our e-book.

Comment wrap
Dan Wolff
Dan Wolff
Director of Solutions and Product Marketing for BigFix
Dan Wolff is the Director of Solutions and Product Marketing for BigFix, responsible for all global go-to-market strategy and programs. Previously, he was Director of Cloud Security Product Management in IBM’s Security Division, driving new cloud security offerings from concept to launch across IBM. Previously, Dan was McAfee’s Director of Products for Endpoint Security, responsible for enterprise endpoint security products. He is a recognized security expert with over 18 years of security product management and product marketing experience.
Read more

Topics in this article:

BigFixendpoint managementEndpoint SecuritySecurityzero trust

Submit a Comment

Your email address will not be published. Required fields are marked *

* HCL provides software and services to the U.S. Federal Government through its partner Four, Inc. Please contact Four, Inc. at the U.S. Federal Government contact page.


bigfix
Automation | September 15, 2023
Unleash the Power of HCL BigFix Workspace -Elevate the Employee Experience
Come check out how HCL BigFix Workspace is changing the employee experience (EX) in the digital transformation landscape.
Uffe Sorensen
Deepika Choudhary
Senior Manager, HCL BigFix
bigfix
Automation | September 13, 2023
Introducing BigFix AEX - Transforming Conversational Engagement and Enterprise Experiences with GenAI
HCL BigFix is proud to announce the power of BigFix AEX, a module within the new BigFix 11. Stop in to learn how we’re changing the landscape of GenAI technology.
Uffe Sorensen
Pravesh Gosain
Head of Offering & Product Management, DRYiCE
bigfix
Automation | September 7, 2023
BigFix 11 Fueled by AI - Align IT and Security Operations while Elevating User Experience
HCLSoftware is proud to announce the new release of BigFix 11, which combines the latest in AI IT automation with cutting-edge security capabilities in a unified solution. HCL BigFix 11 sets a new standard by embedding Generative AI, Machine Learning (ML) and Natural Language Processing (NLP) into IT automation solutions and combining this with enhanced security capabilities such as advanced vulnerability management tools, making it the most robust BigFix release to date.BigFix 11 focuses on empowering organizations, through technology automation, to accelerate ITOps velocity with AI, align SecOps and ITOps with security innovations, and provide the C-Suite with unified ways to measure and manage cyber risk with business decisions. This release marks a significant milestone, as it brings all this together into one cohesive solution.
Uffe Sorensen
Deepika Choudhary
Senior Manager, HCL BigFix
start portlet menu bar end portlet menu bar