Changing trust by default
The traditional trust-based networking is undergoing a paradigm shift of massive proportions, and it’s going to affect you if it hasn’t already. If you think you’re losing your freedoms, no place will that be more evident than in your work environment. This stripping of your computing freedoms is being caused by the ransomware and cybercrime epidemic that is costing US citizens billions of dollars annually. We will look back on this era as the wild west – a time when safes were easy to crack and stagecoaches and trains were ripe for the robbing. Indeed, networks built on trust were easy to implement and easy for authorized people to access, but sadly, they were also easy for unauthorized people to access. We have all paid the price for this, and those days are ending.
Welcome to the world of Zero Trust – an approach to networking configuration that requires users and devices to mutually authenticate themselves before permissions are granted. Gone are the days when you can check your personal email from your work device. Gone are the days when you can shop Amazon while you work.
As we’ve highlighted in past reminders, many companies have implemented costly, Fort Knox caliber security, only to leave the keys to the locks in the hands of low-level team members. It’s actually insane how vulnerable we have been to our lowest-level employees. And with the advent of the WFH (work from home) revolution, those same corporate keys give cybercriminals access to your home networks and all of your personal accounts, financial and otherwise, and visa-versa. These days are coming to an end, quickly.
Companies across the country of all sizes are locking down their systems and their users. The philosophy has changed to prove you’re legitimate before you’re granted access, rather than an acceptance based on your existence on our network. Translated into the real world, this means once you have authenticated yourself onto the network, you will encounter further restrictions on what you can do and where you can go. Do you want to open an email attachment? Nope – that will require administrative approval. Do you need to access a website for work? You will need your admin to approve that specific site. We have all experienced this at varying levels, with the implementation of zero trust, it gets taken to a new and much more restrictive level. It will be a frustrating transition for many of us, but frankly, it’s long overdue.
If you would like to implement a zero-trust environment in your workplace, contact us to get it done properly.
Have a safe and happy Thanksgiving Holiday.
We offer some of the most cost-effective HIPAA and cybersecurity training available anywhere. Call us to see how we can help.
If you have any questions or if you are concerned about your organization’s cybersecurity, give us a call at (800) 970-0402. We’ll be happy to help.
For more HIPAA information, download our ebook – The Ultimate HIPAA Compliance Handbook.
The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for a weekly HIPAA Security Reminder to help stay compliant.