Would you trust just anyone to enter your home? Or would you first confirm that you know them and they have the right to be there?
The Zero Trust Model (ZTM) of security follows a similar principle. The ZTM approach is to be aware of anything entering the company, whether from inside or outside the company’s perimeter.
ZTM simply verifies everything that requires access to the system. The approach does not necessarily decree that every request should be denied. Instead, it asks: Why is access needed? How far? How long?
Continue reading Prevent Cybercrime with the Zero Trust Model of Cybersecurity
Apart from data security, data privacy represents a major area of concern in IT security today. When it comes to data privacy, all organizations are very particular about where and how their company data is being saved, and who has access to it.
This is also related to one of the major reasons why organizations still hesitate to move their data to the cloud – “who else has access to my data if I move to cloud?” Even though almost every IaaS and PaaS provider tries to build confidence in their clients through certifications by authorized agencies, many enterprises are still not convinced. The reason is that there are still areas that lack transparency, where details on their data privacy are not clearly explained and conveyed to them.
Continue reading Dedicated servers for unmatched transparency in data privacy
Most IAM tools utilize browser extensions or applications installed on the end-user’s machine, or on an Active Directory, for access to identity. But why?! A user can be identified even without an agent – so having an so-called ‘lightweight agent’ sitting in your Active Directory itself is not the most secure way to manage user identity.
Whenever you create a dependency to achieve a particular solution, it is important to ensure the solution is 100% secure and that applies for the dependencies (Agents) too. This could make the architecture slightly complicated, depending on how it works.
Continue reading Does your IAM solution really need an Agent?