We are working to improve your online ordering experience! Webstore.be + webshop.eurosys.be are undergoing an upgrade to provide you with an even better service in the future. We expect to be back soon. In the meantime, your orders will be handled personally by our internal sales. Thank you for your patience and for your loyalty.
VanRoey » Blog » Zero Trust, for cyber security an absolute must
Zero Trust, for cyber security an absolute must
'It was all so simple... The Fixkes knew how to frame it well. A company used to quickly have its cybersecurity in place. A firewall, a VPN to work remotely and all software ran on its own servers or on the PC. Simple. But times are changing.
Today, the modern workplace can no longer be defined. We work anywhere, with various cloud platforms such as Microsoft 365, SalesForce... and access company data from multiple devices. Even interactive displays in meeting rooms, smart thermostats, solar panels... Everything comes into contact with the network.
Users and devices are thus constantly inside and outside the company's physical and virtual boundaries. The question then becomes: how do you secure such an environment?
Today, we only work with the Zero Trust strategy
This implies that no device nor user is simply trusted and only strictly necessary access is explicitly granted. With Zero Trust, every activity is scrutinised based on the following core principles:
Explicit verificationit repeatedly authorises the user based on various parameters, such as identity, location, network and/or device status (e.g. is all software up to date? is there TPM...).
least-privileged access
rights of users are limited to the minimum data and systems required to perform their tasks.
Assume breach
We always assume that a hack has occurred or will occur. Proactive measures are constantly being taken to mitigate potential damage.
An example: via phishing your CFO's password was stolen, and via SIM-Swapping, the two-stage authentication was also bypassed. Normally, the hacker would then be inside. But with Zero Trust, location is also taken into account. Is the 'user' in another country or outside trusted networks? Then access is still barred. A USB dongle can also be provided that must be connected to gain access.
Suppose -in the worst case scenario- that a hacker were still to get in and inject malware into known software, it stings EDR this again immediately. This solution closely monitors every software activity, even that of trusted programmes, and blocks all suspicious activity by default. Never trust, always verify...
Zero Trust in your organisation?
Zero Trust is thus a collection of carefully configured security policies enforced across the organisation: from identity to device, from network to data, from business floor to cloud...
Every company is different, so it is important to tailor this strategy to your needs. For this, you can rely on our security experts. We have already set up hundreds of zero trust environments and apply our broad knowledge from Firewalls to EDR to Microsoft 365.
Want to know more about Zero Trust?
We recently organised a extensive webinar by our Microsoft 365 specialist (softly spoken) Jente Vandijck which you may rewatch for free. It is only 34 minutes long, but tells you almost everything you need to know. 'Ask' via this link.
Also, through a Security audit your environment under the microscope. We are here for you!
vat no.*
"Should a hacker still manage to get in and inject malware into (known) software, EDR again immediately puts a stop to it. It closely monitors every software activity, even that of trusted programmes."
Has been working as a marketer, designer, webmaster, copywriter, PowerPoint guru and numerous other things for 15 years. He gets his energy from simplifying complex matters. He tries to do the same in his Techblog PowrUsr.com where he brings handy solutions to challenging problems.
We use cookies to optimize our website and our services.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences not requested by the subscriber or user.
Statistics
Technical storage or access used exclusively for statistical purposes.Technical storage or access used solely for anonymous statistical purposes. Without subpoena, voluntary compliance by your Internet Service Provider, or additional data from a third party, information stored or retrieved solely for this purpose usually cannot be used to identify you.
Marketing
The technical storage or access is necessary to create user profiles for sending advertising, or to track the user on a website or across different websites for similar marketing purposes.
What will the future bring? Get an exclusive tour & plenty of inspiring sessions at the revamped Living Tomorrow. It promises to be another great and educational year-end event! See you there?
