A Cybersecurity Analyst Needs To Implement Secure Authentication

Let’s face it: most business information security professionals would agree that Zero Trust is the right strategy when it comes to securing remote access for our modern work styles and modern infrastructures. Most of our workforce and our resources are located outside the now obsolete corporate perimeter. So there is a consensus that we must find a new way forward in cybersecurity and information systems if we are to support the productivity of remote workers while effectively protecting sensitive resources. Experts say it all: Zero Trust is the answer.

But I’m like you and I’m researching to find out what it means so I can implement the best Zero Trust. What I learned is that Zero Trust is a security strategy or even a philosophy based on the idea that we should not assume or define trust as part of any access request based only on history or anything we think we already know about who asked.

We used to believe that our corporate networks were trusted, so anyone who could join that network was also considered trusted, not a cyber risk. The same goes for our VPNs. The corporate laptop that we issue with a well-made image is secure when we issue it, so all activities on that device are considered reliable.

You get the point – for years we’ve relied on historical beliefs and insufficient validation to allow broad access to our sensitive stuff without fear of cyber threats.

With Zero Trust, we treat each application, system, or resource request as a separate transaction that begins with undefined trust. This solves many problems. It addresses overly broad access by requiring new authentication for each requested resource, every time. This per-request authorization effectively prevents lateral movement within an environment or network.

A Zero Trust cybersecurity posture also ensures that we have the opportunity to reject a new request if something bad has happened since the last successful access. Credentials may have been stolen, so the requester is not who they claim to be. Maybe their device has been compromised by malware and it is no longer safe to allow that device to be used for sensitive activities.

I thought bad things could (and do) happen at any time. When I’m out and about, I’m constantly switching from one Wi-Fi to another and not all of them are secure. Sometimes I discover a new app to install. I check my email and browse the internet and click on things while I work. These are all activities that anyone in the security business would say are potentially dangerous, and any one or more of them increase the risk to me as a consumer of corporate material.

Then I asked myself how often I check the many systems I rely on to do my job. For most of them it’s only once a day.

Then I realized that one-time authorization violates the very principle of zero trust. In the same way that castle perimeter authentication is highly exposed to any user, application authentication leaves that application exposed and potentially vulnerable for the duration of the requester's access. Trust established in one moment does not guarantee long-term reliability.

The logical conclusion is that in order for the Zero Trust solution to be effective in its implementation, it is not only necessary to establish trust at the beginning of each request, it is necessary to continuously check whether the request remains reliable during the transaction. Only then do we really follow the principle of zero trust. In other words, Zero Trust is only useful if constant authorization is part of the strategy.

So what does such a solution look like and how does it work? To continue working in the office, two things are required:

This is clearly more than just the features of Zero Trust solutions – they rely on an architecture that supports extensive integrations and real-time responsiveness. Let’s look at each of them in more detail.

When I think about trust, I think that trust is never a binary decision. A person gradually gains the trust of their peers over time, gaining greater amounts of trust as there is more data to support that person’s trust.

In the security plan of the IT system, users also build different levels of trust through multiple verification points. For example, entering the correct credentials may lead to trust, but most IT security experts agree that this level of trust is too low. So we add additional factors (such as MFA and device trust) to try to increase the trust until we are sure the trust is high enough to grant access.

If we add a little more rigor to this process, we can say that we are calculating a confidence score. We may even decide that a minimum score is required before granting access to certain resources. Let’s say we agree that accessing a company’s financial records requires a higher trust score than accessing a company canteen menu. Just because we don’t trust someone with our most sensitive records doesn’t mean we have to starve them. Trust is not binary. Risk tolerance is relative to asset sensitivity.

Clearly, we want to be thorough in measuring trust for sensitive material, and that means verifying that the user is who they say they are and that the device they’re using is authorized and proven to be low-risk. Fortunately, most organizations already implement a variety of security controls to help with this, and they just need to tap those sources so that all of them contribute to this trust score calculation.

For most organizations, these tools often operate in silos, mostly sharing information with a single SIEM system. Wouldn’t it be great if we could use all user and device security features as data points in the reliability calculation? If we are really wise, we will also look for additional clues, such as evaluating recognized patterns of behavior and other circumstantial evidence of reliability.

Zero Trust solutions often use an identity solution as a starting point, but often go no further. I think it is important not only to identify the person, but also to make sure that their characteristics, location, time and frequency of access and many other things are taken into account. Further, like identity, even Zero Trust solutions that deal with device trust do not come close to real-time integrations with solutions already in operation in most organizations. To establish the best measure of trust, we have the opportunity, and even the obligation, to assess not only the measurable attributes of the person and the device, but also the activity, behavior, and transient characteristics of both. The graphic below shows examples of solution categories that can contribute to a confidence rating. Additional logic, including artificial intelligence, can further improve the accuracy of the trust score.

So, the first of the two requirements is the ability to collect and continuously evaluate all the best telemetry from the organization’s available solutions, in real time. That way, we can tell if something bad is going to happen by watching the trust score decrease. Now, if only we can take appropriate action based on that result. This is where Instant Access Control comes into play.

It is one thing for Zero Trust solutions to mask corporate resources and grant access only after trust is established, regardless of what ‘trust’ may mean in each solution. It’s quite another to have the ability to revoke that access at a moment’s notice. There must be a persistent link between the trust scoring engine and the policy engine, and this level of access control must be able to return the resource to that masked state when the trust score falls below the threshold for that resource.

This is clearly the simpler part of the equation compared with the trust score calculation. However, some intelligence can still be applied that takes into account the score required for the particular resource being hidden. If a reverse proxy is used for this purpose, it can also be used to add additional functions such as load balancing and DoS protection. If cryptography is used in the form of ‘trust tokens’, then additional attributes and variables can be embedded to add more intelligence to decision-making, and can even store state in the event of a partial system failure.
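The per-resource minimum score and the threshold-driven revocation described above, sketched as an added example (not code from the original article or from any product). The signal names, weights, thresholds and the `PolicyEngine` class are constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed weights: points each verified signal adds to the score (max 100).
WEIGHTS = {"password_ok": 30, "mfa_ok": 30, "device_managed": 20,
           "edr_clean": 15, "usual_location": 5}

# Constructed per-resource minimums: asset sensitivity drives the required score.
THRESHOLDS = {"canteen_menu": 30, "financial_records": 90}


def trust_score(signals: dict) -> int:
    """Sum the weights of every signal that is currently true.
    Missing telemetry counts as false: unknown is not trusted."""
    return sum(w for name, w in WEIGHTS.items() if signals.get(name) is True)


@dataclass
class PolicyEngine:
    # Active grants: (user, resource) -> score at the last evaluation.
    sessions: dict = field(default_factory=dict)

    def request(self, user: str, resource: str, signals: dict) -> bool:
        """Initial decision: every request starts with no trust."""
        score = trust_score(signals)
        # Unknown resources get a threshold above the maximum score (deny).
        allowed = score >= THRESHOLDS.get(resource, 101)
        if allowed:
            self.sessions[(user, resource)] = score
        return allowed

    def reevaluate(self, user: str, signals: dict) -> list:
        """Run on every telemetry update: revoke each of the user's grants
        whose resource threshold the fresh score no longer meets."""
        score = trust_score(signals)
        revoked = []
        for (u, resource) in list(self.sessions):
            if u != user:
                continue
            if score < THRESHOLDS[resource]:
                del self.sessions[(u, resource)]   # resource is masked again
                revoked.append(resource)
            else:
                self.sessions[(u, resource)] = score
        return sorted(revoked)
```

Calling `reevaluate` whenever a telemetry source reports a change is what turns the one-time decision in `request` into continuous authorization: a drop in one signal revokes only the grants whose threshold is no longer met.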

One of the biggest complaints I often hear about secure remote access is how much IT resources are wasted on support tickets, even when users can’t access, or have lost access and want it back, or need access. thing that they are

Winda Salim

Hi, my name is Winda Salim, call me Winda. I come from Bali, Indonesia. Do you know Bali? The beautiful place in the world.
