A Critical Element to Any Zero-Trust Deployment
Risk-based authentication enhances both security and user experience by allowing you to rank the resources you want to protect based on risk level and type of user. This gives you the power to create rules that are unique to the security structure in your organization, therefore enabling more flexibility and higher protection only when necessary.
Common risk factors that could potentially be added to authentication policies
- NETWORK LOCATION
- MOBILE DEVICE RISK
- ENDPOINT / COMPUTER RISK
- TIME POLICIES
- GEO KINETICS
Under the premise that nothing can be completely trusted, the zero-trust approach focuses on three principles:
Identifying Users and Devices
Always know who and what is connecting to the business network. As companies grapple with having the predominance of their workforce working remotely, securing access to internal tools presents a major challenge. Cloud-based multi-factor authentication (MFA) services offer mitigation against credential theft, fraud and phishing attacks.
Providing Secure Access
Limit access to business-critical systems and applications to only those devices that have explicit permission to access them. In the zero-trust framework, the goal of access management is to provide a means to centrally manage access across all common IT systems, while limiting that access to only specific users, devices, or applications. Single sign-on (SSO) technologies, combined with MFA, can improve access security and minimize the password burden on users.
Monitor the health and security posture of the network and all managed endpoints. Malware and ransomware threats have only accelerated as a result of coronavirus. Keeping users safe as they navigate the Internet is more difficult when they are connecting from outside of your network. Staying on top of threats requires persistent, advanced security that goes ZERO-TRUST ADOPTION beyond endpoint antivirus.
Using MFA and Risk Policies for Zero-Trust Deployment
As we know, zero-trust implementation starts with the assumption nothing can be trusted. By defining micro-segments and applying policies that are tailored to your organization's security needs, you are creating a trusted environment. This starts by identifying the user that will access those applications and services.