Zero Trust Network Security Configuration

Changing trust by default

Traditional trust-based networking is undergoing a massive paradigm shift, affecting you if it hasn't already. If you think you're losing your freedoms, no place will that be more evident than in your work environment. This stripping of your computing freedoms is caused by the ransomware and cybercrime epidemic costing US citizens billions of dollars annually. We will look back on this era as the wild west - when safes were easy to crack, and stagecoaches and trains were ripe for robbing. Indeed, networks built on trust were easy to implement and easy for authorized people to access, but sadly, they were also easy for unauthorized people to access. We have all paid the price for this, and those days are ending.

Welcome to the world of Zero Trust - an approach to networking configuration that requires users and devices to authenticate themselves before mutually granting permissions. Gone are the days when you could check your email from your work device. Gone are the days when you could shop Amazon while you work.

As we've highlighted in past reminders, many companies have implemented costly, Fort Knox caliber security, only to leave the keys to the locks in the hands of low-level team members. It's insane how vulnerable we have been to our lowest-level employees. And with the advent of the WFH (work from home) revolution, those duplicate corporate keys give cybercriminals access to your home networks and all of your accounts, financial and otherwise, and visa-versa. These days are coming to an end quickly.

Companies across the country are locking down their systems and their users. The philosophy has changed to prove you're legitimate before you're granted access, rather than an acceptance based on your existence on our network. Translated into the real world, once you have authenticated yourself onto the network, you will encounter further restrictions on what you can do and where you can go. Do you want to open an email attachment? Nope - that will require administrative approval. Do you need to access a website for work? You will need your admin to approve that specific site. We have all experienced this at varying levels; with the implementation of zero trust, it gets taken to a new and much more restrictive level. It will be a frustrating transition for many of us, but it's long overdue.

If you want to implement a zero-trust environment in your workplace, contact us to get it done correctly.

Have a safe and happy Thanksgiving Holiday.

HIPAA Security Reminders

 

HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

Pursuant to Section 164.308(a)(5) of the HIPAA Security Rule, the Standard states: Implement a security awareness and training program for all members of its workforce (including management).

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.

Sign Up