What Does Zero Trust Mean for Your Network?


If you've been reading this blog for any length of time, you know we're all about multi-layered security. One security device is not enough to protect your users and systems.

The multi-layered security approach holds that more security layers (firewalls, intrusion prevention, DNS, endpoint protection, multi-factor authentication, security monitoring) equal more protection.

Recently an additional security facet has emerged called Zero Trust.  So what is Zero Trust and how does it apply to your environment?

What is Zero Trust? 

The general idea with Zero Trust is that we can no longer trust users, devices, or applications inside of our own networks. It’s obvious that we can't trust connections from the outside, but not trusting the inside is a newer thought, and most organizations have yet to embrace it. It’s easy to see why Zero Trust is important: our internal users are often mobile, use BYOD (bring your own device), adopt cloud services, and are far more collaborative in how they work. Additionally, we have significantly increased the number of IoT devices, and we expect business resiliency to be better than ever even as security compromises increase at an astronomical rate.

Cisco has broken down Zero Trust into 3 buckets: workforce, workloads, and workplace.

  • Workforce means we are making sure users and devices can be trusted as they access systems, regardless of location.

  • Workloads is about preventing unauthorized access within applications, regardless of where they are hosted.

  • Workplace focuses on secure access of any and all devices (including IoT) that connect to your network.

There is no one-size-fits-all product that will solve each of these. But it's important to make progress in each of these areas to continue to reduce risk.   

How to implement Zero Trust

The most common solution we see deployed today among our clients is the Cisco Identity Services Engine (ISE). It addresses several of these target areas, and the first area that most organizations pursue is device access. Using ISE, you can ensure that only properly authorized and authenticated devices are able to join your network, regardless of device type or connection method (wired or wireless). ISE also allows you to set policies that create virtual segmentation of users and applications, so that certain users can only talk to certain applications. It’s no longer an open network for internal users.

Let me be clear—these are not easy things to get done. Better security can make it harder for your users to gain access to what they need. This is the most common obstacle to moving forward with more security.  But with the right planning, you can protect your network with little negative impact on your users.   

Implementing Zero Trust will significantly improve your security posture.  The key is to recognize that it's no longer optional. It should be a requirement of network design on everything you do moving forward.   

If you’d like to learn more about how Zero Trust can be implemented in your company, reach out and we will have one of our security architects discuss the solutions best suited to your needs.


This post was contributed by Lance Reid, our CEO. Lance has worked in the technology industry for over 25 years. He became a Cisco Certified Internetworking Expert (CCIE) in Collaboration in 2005 and has been serving on Cisco's SMB Advisory Board since 2013.

