See how a layered approach to endpoint management incorporates different types of identity and user authentication.
Recently, we talked about the importance of layered endpoint management, in which multiple security controls are combined to protect data. Although each layer adds redundancy, the marginal value of each additional layer diminishes. Rather than continuing to add layers, there is more to be gained by hardening the existing layers with self-healing capabilities and by investing in physical security measures, policy, and training. Next, we examine the role of identity and user authentication in that model.
The User Authentication Problem
“How password neglect is helping hackers win,” one recent article begins. HSBC has just suffered a data breach resulting from a credential stuffing attack, in which passwords leaked from other breaches were tried against HSBC accounts. Passwords are the weakest form of authentication in common use, yet they are very difficult to replace. The user authentication market is booming, with biometrics, two-factor authentication, and now even the potential of a “brain password.” As ThreatPost author Tara Seals notes, most of these authentication efforts face an often insurmountable hurdle: users.
“While alternatives to passwords are showing up more and more across services and application logins, in the grand scheme of things, these approaches have many inroads to make before they even come close to replacing passwords.”
The Zero Trust approach improves security by revoking implicit trust: every connection is treated as untrusted, and the focus shifts to protecting the data itself, which helps stop the lateral movement that follows an undetected perimeter breach. At the root of zero trust is the principle of “always verify,” which relies on strong authentication and greater visibility into business flows to know who can access what kind of data. Although a zero trust model that compartmentalizes and protects data has many benefits, it still relies on authentication, and authentication is not infallible.
From Zero Trust to Identity-Centric Security
Taking zero trust to the next level, we adopt the methodology of multi-layered security: when one layer of authentication or “trust” verification fails, the next is there to step in. Identity-centric security focuses on the data being protected rather than on topology (perimeter or network). Leonid Belkind recently wrote an article for Forbes describing this approach, and gave an example of identity-centric security built from the following layers:
Enterprise mobility management, device security posture verification, and endpoint threat detection
Behavior profiling/anomalies detection
Data security, adaptive authentication, break-glass procedures, and privileged access management
As the author notes, there is no single “silver bullet” for data security, which is why a layered approach is so important. Under the zero trust framework, identity-centric security allows us to focus on authenticating users and their relationships to devices, apps, and data. Although the list above names enterprise mobility management as a key security layer, next-level unified endpoint management solutions like FileWave take this idea of “zero trust” to heart and help you manage these complex relationships, shoring up your critical layers with self-healing.
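The behavior-profiling and adaptive-authentication layers listed above, and the credential stuffing attack mentioned earlier, can be made concrete with a small detector. The Python below is an added example, not code from the original article or from FileWave. It runs over a constructed authentication log (the log format, the 10-minute window, and the thresholds of five distinct accounts and a 70% failure ratio are assumptions chosen for illustration) to flag sources that look like credential stuffing, then layers a device-posture check and a step-up decision on top, so that a correct password from a flagged source is not enough on its own.

```python
"""Credential-stuffing detector with a layered access decision.

Added example, not part of the original article or FileWave's product.
The log format, window size and thresholds below are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp,source_ip,username,result
# 203.0.113.7 sprays many accounts (one lands); 198.51.100.9 is a user
# mistyping their own password; 192.0.2.44 is a normal login.
SAMPLE_LOG = """\
2018-11-06T10:00:01Z,203.0.113.7,alice,FAIL
2018-11-06T10:00:02Z,203.0.113.7,bob,FAIL
2018-11-06T10:00:03Z,203.0.113.7,carol,FAIL
2018-11-06T10:00:04Z,203.0.113.7,dave,FAIL
2018-11-06T10:00:05Z,203.0.113.7,erin,FAIL
2018-11-06T10:00:06Z,203.0.113.7,frank,SUCCESS
2018-11-06T10:00:07Z,203.0.113.7,grace,FAIL
2018-11-06T10:05:00Z,198.51.100.9,alice,FAIL
2018-11-06T10:05:20Z,198.51.100.9,alice,FAIL
2018-11-06T10:05:40Z,198.51.100.9,alice,SUCCESS
2018-11-06T11:00:00Z,192.0.2.44,bob,SUCCESS
"""

WINDOW = timedelta(minutes=10)  # assumption: sliding window per source
MIN_ACCOUNTS = 5                # assumption: distinct accounts in window
MIN_FAIL_RATIO = 0.7            # assumption: failures / attempts in window


def parse_log(text):
    """Parse the constructed log into (timestamp, ip, user, result) tuples."""
    events = []
    for line in text.splitlines():
        ts, ip, user, result = line.strip().split(",")
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, user, result))
    return events


def find_stuffing_sources(events):
    """Return {ip: (distinct_accounts, attempts, failures)} for every source
    that, within one WINDOW, tried many distinct accounts and mostly failed.
    A single account failing repeatedly (a forgotten password) is not flagged."""
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[1]].append(ev)
    flagged = {}
    for ip, evs in by_ip.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > WINDOW:
                start += 1
            window = evs[start:end + 1]
            accounts = {e[2] for e in window}
            failures = sum(1 for e in window if e[3] == "FAIL")
            if len(accounts) >= MIN_ACCOUNTS and failures / len(window) >= MIN_FAIL_RATIO:
                # keep the widest qualifying window seen for this source
                flagged[ip] = (len(accounts), len(window), failures)
    return flagged


def access_decision(event, flagged, posture_ok):
    """Layered decision for one login event: credential layer, then device
    posture (EMM/UEM compliance, assumed to be supplied by the caller), then
    the behavioural signal. Returns 'deny', 'step_up' or 'allow'."""
    _ts, ip, _user, result = event
    if result != "SUCCESS":
        return "deny"          # credential layer: wrong password
    if not posture_ok:
        return "deny"          # posture layer: unmanaged or non-compliant device
    if ip in flagged:
        return "step_up"       # behaviour layer: valid password, suspicious source
    return "allow"


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    flagged = find_stuffing_sources(evs)
    print("flagged sources:", flagged)
    for ev in evs:
        if ev[3] == "SUCCESS":
            print(ev[1], ev[2], "->", access_decision(ev, flagged, posture_ok=True))
```

In the sample data only 203.0.113.7 is flagged: it hits seven accounts in seven seconds with six failures, whereas alice's three attempts from 198.51.100.9 involve a single account and never meet the distinct-account threshold. The one successful login from the flagged source is therefore routed to step-up authentication rather than allowed outright, which is the "next layer steps in" behaviour the article describes; tune WINDOW and the thresholds against your own traffic before relying on them.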