504-588-2000
圣查尔斯大街525号
mg摆脱网站

Imagine that you’re in charge of protecting a castle. The castle has a drawbridge and a moat around it. You have guards stationed at the drawbridge who monitor the people coming into the castle. The guards let citizens in and keep known bad guys out. Because the guards prevent the bad guys from coming into the castle, the citizens can safely go about their business.

Now imagine that the bad guys have found other ways to get inside the castle besides the drawbridge. 他们在夜里爬墙而不被发现. They’re getting past the guards by disguising themselves as citizens. They’re even impersonating the king and queen, sending out edicts in their names.

Protecting the castle by controlling who gets across the drawbridge is no longer enough. Now you have to take greater measures to make sure that people wanting to enter the castle are who they say they are and have them go through checkpoints as they travel about the castle. You need to create a way to make sure that any edict is truly coming from the king and queen. And you need to have soldiers at the ready to fight to defend the castle and citizens when intruders are exposed.

This is an analogy for what’s happened in the digital world, and the reason for the Zero Trust approach to cybersecurity strategy.

Protecting Your Network Perimeter Isn’t Enough

Zero Trust has emerged because setting up technical barriers around your network isn’t enough to protect your organization from cyber-attacks. Cyber threats have evolved with Artificial Intelligence and easy access to Dark Web technology. Your network has evolved too as you’ve added cloud apps, remote workers and connected devices which means you don’t have a defined network perimeter like you used to.

零信任, the goal is not just to protect but to actively defend and prevent unauthorized access to data and applications.

Zero Trust is guided by three main principles: (微软正在发展零信任)

  • Verify explicitly using multiple data points
  • 使用最低权限访问
  • 假设网络已被攻破

相关: Learn about the Cybersecurity Basics You Can’t Ignore

如何赢得信任

Zero Trust cybersecurity strategy is about setting up practices and processes that require people and systems to earn trust. If your organization is using Multi-Factor Authentication (MFA), you already have one experience with how trust is earned.

验证

When a user or a device attempts to access data or an IT system, its identity must be verified. MFA是一层验证. Other attributes like geography can be added to the verification process.

最小特权访问

Least privilege simply means that people and IT systems only have access to what they need to perform their role.

承担违约

网络入侵者可以在不被发现的情况下四处走动, doing damage and gathering intelligence for an attack, 所以防御措施应该持续下去.

网络保护变成了网络防御

零信任是逐步实现的, as your organization implements the layers that are necessary to automate security controls and educate users about expectations and behaviors. It’s a process that never stops because cyber threats are evolving at such a fast pace.

然而, if your organization isn’t already operating with all of the tactics that are required for a modern cybersecurity defense, then fast action is necessary today to bring your security posture up to speed. 这是为什么,

  • 40% of cyber breaches actually originate with authorized users accessing unauthorized systems – 国际数据公司(IDC)
  • Nearly 60% of attacks involve lateral movement through an IT system – VMWare白皮书pdf
  • 71.4% of organizations have at least one compromised Microsoft account a month – 迈克菲
  • VPN is exploited in 68% of major incidents involving remote access tools – 国际数据公司(IDC)
  • It can take 197 days to identify a cyber intruder and 69 days to contain a breach – IBM

零信任是为你准备的

零信任包含在 白宫的行政命令 that addresses the modernization of government cybersecurity.

The Zero Trust approach to cybersecurity isn’t just for big businesses and the government. It’s for every organization because the threats are real and the impact of a cyber-attack can be devastating, 甚至到了生意失败的地步.

更重要的是, the war on cybercrime requires vigilance on everyone’s part, 无论是政府部门还是私营部门. When you guide your cybersecurity strategy toward a Zero Trust approach, you’ll be defending your business and playing a role in the global fight against cybercrime.

Cybersecurity 服务 for New Orleans Businesses

mg摆脱网站, we bring clients the cybersecurity expertise that’s necessary for creating and implementing a solid cybersecurity defense. Our dedicated Security Operations Center (SOC) is staffed locally by professionals who are certified experts in security.

mg摆脱网站进行mg游戏平台评估 and take the first step towards security peace of mind.

安排安全评估