Do you remember the infamous historical character from the battle of Plassey? The chief commander of the Nawab of an East Indian province became an embodiment of betrayal after the historic loss in the battle. The culprit misused the blind trust and faith that his Nawab placed in him and eventually allowed the British troops to conquer the land. Who knows: had the Nawab verified this trustworthiness, history might have been different. Trust, once lost, can never be retrieved. Similarly, the loss incurred from misplaced trust is rarely recovered.
What is the moral of the story? Never assume ‘trust’; always reassess it.
A modern IT ecosystem is no different from a fallen empire where a major part of the infrastructure security relies on reassessing the trust. For any IT ecosystem, privileged identities hold the key to the ‘kingdom’ of confidential business data. If any of those identities breach the ‘trust’, it could result in a catastrophic IT incident.
An IT environment that is capable of defending against both internal and external threats, and that can continuously reassess the trustworthiness of privileged identities, is the strongest “commander” of the organization. Therefore, building a Zero Trust architecture, wherein the ‘trust’ of every identity is continuously evaluated, is of utmost importance.
As global organizations prioritize health and safety due to the ongoing pandemic, employees and employers are increasingly getting accustomed to a remote work culture. This is a huge security challenge, especially when end users remotely access business-critical information. Traditional firewalls can no longer offer the same extent of IT security for employees who are logging in remotely.
Further, distributed data centers, adoption of cloud environments and integration of IT operations with third-party service providers have expanded the threat surface. This is where the Zero Trust security framework becomes crucial.
The crux of the ‘Zero Trust’ security model
Banking, Government, Insurance… Almost all industry verticals are adopting this new security architecture. So what exactly is it? How different is the Zero Trust framework from the others?
The Zero Trust security model is a shift from a perimeter-centric security approach to a data-security-centric model. It challenges the conventional model, which is more inclined towards perimeter (network) security, where the focus is on firewalls and advanced tools like network intrusion detection systems.
More importantly, the conventional models assume that there is no threat inside the inner IT realm. That notion is wrong. If that’s the case then why are we witnessing the abuse of privileged identities so often?
On the other hand, the Zero Trust model never assumes ‘trust’; it continuously assesses ‘trust’ using risk-based assessments of the information gathered. Secondly, the model rightly reflects a modern-day enterprise IT ecosystem, which is distributed. User access to databases and applications happens not only from on-premises data centers, but from remote and third-party environments as well.
As a result, the model says there is an urgent need to have a unified data security policy for all applications and databases, which can be done by constructing semi-perimeters and semi-segmentations, so that access to every database and application is secure, controlled, and documented. ‘Deny all access until the identity’s trust is verified’: that’s the need of the hour.
ARCON | Privileged Access Management (PAM) solution helps organizations to build the foundation of Zero Trust architecture. The tool is built on the credo ‘Assessment of trust is not a one-time task, it is a continuous process’ and therefore, ‘we trust you, but we will continuously assess the trust’.
Analyst Thoughts on the role of ARCON | PAM in Zero Trust Privileged Access Security
In its thought analysis, ARCON discusses best practices that ‘define’, ‘limit’ and ‘inspect’ identities continuously. This paper demonstrates ARCON | Privileged Access Management solution’s capabilities that can help IT and security leaders build a resilient Zero Trust Security Architecture around the most ‘trusted identities’: the privileged identities.
With the help of some key elements, ARCON | PAM solution ensures the Zero Trust architecture by inspecting privileged identities continuously. Here are some brief descriptions:
- Real-time monitoring of the privileged sessions, whether taken remotely, by third-party or on-prem users, enables the IT security team to monitor and detect any suspicious activity around the privileged accounts. A Live Dashboard assists the administrators with a real-time view of all critical activities performed by the end-users across the IT infrastructure and helps in frequent IT audits.
- A single layer of privileged user authentication might not be a foolproof measure to ensure the trust of the user. Some recent sophisticated cyber incidents suggest that privileged credentials, OTP and even biometric access can be compromised. Hence, modern IT infrastructure demands more advanced technology, like multi-factor adaptive authentication, to reassess the authenticity of the user. On the basis of the user’s past behaviour, this technology verifies the user’s location, typing speed and even the IP address of the device used to perform any task. A disparity in any of these criteria can prevent user access to the target system. This confirms that the privileged task is happening through an authorized environment; otherwise, the administrator is given a red alert.
- Another deep-learning threat-detection system named Knight Analytics detects, predicts and displays suspicious user profiles to the administrator. This engine is based on AI technology and learns every user’s behaviour based on their previous work data, login history and device IPs. Any kind of deviation from the behavioural trend is considered as a risky pattern and the IT security team is notified.
- Robust granular access control in a multi-tier network structure reduces risks arising from unmonitored users. With the help of this restrictive approach, the privileged users are allowed to access critical systems only on a “need-to-know” and “need-to-do” basis.
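The checks described in the list above (deny by default, need-to-know entitlements, and comparison of location, source IP and typing speed against past behaviour), as an added Python example. It is not ARCON's code and not part of the original article; the class names, the z-score test, the threshold and the sample baseline are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Baseline:  # constructed per-identity history (hypothetical schema)
    countries: set        # countries seen in past sessions
    networks: list        # CIDR ranges seen in past sessions
    cpm_mean: float       # typing speed, characters per minute
    cpm_stdev: float
    entitlements: set     # allowed (system, action) pairs

@dataclass
class Request:
    user: str
    country: str
    source_ip: str
    typing_cpm: float
    system: str
    action: str

def evaluate(req, baselines, z_limit=3.0):
    """Return (decision, reasons); anything not positively verified is denied."""
    base = baselines.get(req.user)
    if base is None:
        return "deny", ["no baseline for identity"]
    if (req.system, req.action) not in base.entitlements:
        return "deny", ["outside need-to-know/need-to-do entitlements"]
    try:
        ip = ip_address(req.source_ip)
    except ValueError:
        return "deny", ["malformed source address"]
    reasons = []
    if req.country not in base.countries:
        reasons.append("unfamiliar location")
    if not any(ip in ip_network(n) for n in base.networks):
        reasons.append("unfamiliar source IP")
    # A baseline with no variance cannot be verified against, so it fails closed;
    # otherwise flag speeds more than z_limit standard deviations from history.
    if base.cpm_stdev <= 0 or abs(req.typing_cpm - base.cpm_mean) / base.cpm_stdev > z_limit:
        reasons.append("typing speed not consistent with history")
    # Any disparity blocks access and raises an alert for the administrator.
    return ("deny_and_alert", reasons) if reasons else ("allow", [])

# Constructed sample baseline (illustrative values, not real data).
BASELINES = {
    "dba_admin": Baseline({"IN"}, ["10.20.0.0/16"], 280.0, 25.0,
                          {("payments-db", "read")}),
}
```

The entitlement check runs before the behavioural checks so that a request outside need-to-know is refused regardless of how familiar the session context looks.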
Modern organizations have complex IT setups, wherein huge volumes of enterprise data are distributed across shared or hosted environments. At the same time, the number of privileged accounts and privileged identities rises exponentially and the risk factors also increase. Large numbers of privileged identities continuously access critical systems and sensitive databases to perform privileged tasks. Organizations can no longer count on the “apparent trust” that revolves around the privileged users. In order to ensure a resilient security framework, organizations must adopt stringent security practices that seamlessly monitor and verify the so-called ‘trusted’ users in the network periphery. This is the essence of Zero Trust architecture.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables monitoring of end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.