Guilty until proven innocent
The Zero Trust concept
If you have children, you’re no doubt concerned about their safety, especially at school. What if money were no object? What could the school do for the utmost level of security?
How about requiring everyone, both students and staff, to wear a photo ID badge at all times? (Which some schools already do.) And hire guards to stand outside of each door, including classrooms, auditoriums, gymnasiums and even bathrooms. Everyone’s badges, including staff, would be checked every time. They would only be allowed to enter if they were on the list, and only during an authorized time period. Even each hallway would have its own guard. And let’s tell the guards to treat everyone as “guilty until proven innocent”. While we’re at it, let’s install security cameras all over the place.
Would this be more secure? Absolutely. Would this be a challenge to implement? Absolutely.
The IT equivalent concept is “Zero Trust”. Gartner identifies this as “…products and services that create an identity and context-based logical access boundary…”. Microsoft says that the three principles of Zero Trust are “Verify Explicitly”, “Use Least Privileged Access”, and “Assume Breach”. That means zero trust in anyone, both internal and external, because we can’t be sure where the intruders may be coming from. To quote an old horror movie trope: “The call is coming from inside the house!” Microsoft offers an assessment tool to assist in your Zero Trust journey.
Instead of classrooms and auditoriums, we must guard data, apps, infrastructure and the network. Instead of students and staff, we will keep an eye on users and devices.
Microsoft says, “We are moving away from an era where networks were clearly defined and usually specific to a certain location”. That is true now more than ever, with so many remote work-from-home users. This makes the “Verify Explicitly” principle perhaps the biggest challenge to adopting a Zero Trust model. It’s a moving target. The verification of users and devices requires examination of all available data points. Microsoft suggests that this includes “user identity, location, device health, service or workload…and more”.
When everyone was in the office, this information was fairly easy to obtain. The network infrastructure was owned and controlled by the company. The majority of devices were company owned. And the user’s location was fairly static. Now those same users may be widespread geographically. They may be using personal devices instead of company laptops. Multiple networks and multiple ISPs add to the complexity.
Our TrueDEM® real user monitoring tool was not originally intended to assist in implementing Zero Trust, but fortunately, it was built with security as the foundation. The information we gather on users and devices is a great fit for “Verify Explicitly”. So, while TrueDEM excels at monitoring, indirectly it’s also the perfect accessory for implementing your Zero Trust infrastructure.
Think of this “off-label” use of TrueDEM as a hidden bonus. The TrueDEM agent is deployed to all devices, and thereby all users. Deployment takes less than 15 minutes. The agent regularly collects a massive amount of data that is used by our cloud-based AI to detect and predict anomalies and expose trends and patterns. Included in this data stream are some of the same data points Microsoft suggests for verifying users and their devices in the Zero Trust model. We know the identity of each user, because TrueDEM uses their actual accounts. We know their location, even as it changes. We know what services are running.
We also had “Zero Trust” in mind when designing the TrueDEM agent. That’s why no admin account or special permissions are necessary for deployment. No personally identifiable information (PII) is ever transmitted or stored.
We know that TrueDEM is the best real user monitoring tool to keep you informed of your users’ real Office 365 experience. We use actual user accounts, not “synthetic transactions” on some remote server. So we already gather much of what you need during your Zero Trust journey. Consider it a “side benefit” of a powerful monitoring tool. TrueDEM is so easy to deploy you can try it out in about 15 minutes. No admin rights needed. You can trust us on that.