As organizations continue to adopt cloud-based technologies and remote work, the need for a more robust security approach is becoming increasingly important. One such approach that has gained traction is the Zero Trust security model, which assumes that no one is trusted by default, regardless of whether they are inside or outside of the organization's network perimeter.
The 2022 Data Breach Investigations Report (DBIR) by Verizon reports that 80% of breaches are caused by external actors with stolen credentials, and that phishing is used in almost 60% of the attacks. This shows that one of the easiest ways to breach an enterprise’s security posture is to compromise an identity. Once an attacker has access to the enterprise network using compromised credentials, it is much easier for them to move laterally within the network and gain access to proprietary and sensitive data. The Zero Trust approach to securing the enterprise helps mitigate such events by treating every user, device, and service as untrusted and potentially hostile.
What is Zero Trust?
The term Zero Trust was first coined by Forrester analyst John Kindervag in 2010. Today, Forrester defines Zero Trust as follows:
“Zero Trust is an information security model that denies access to applications and data by default. Threat prevention is achieved by only granting access to networks and workloads utilizing policy informed by continuous, contextual, risk-based verification across users and their associated devices. Zero Trust advocates these three core principles: All entities are untrusted by default; least privilege access is enforced; and comprehensive security monitoring is implemented.”
To summarize, the three principles of Zero Trust are:
- Untrusted by default – have strict controls at every access point. Every user, device, and service is to be considered untrusted.
- Least privilege access is enforced – grant access to what is needed, nothing more.
- Comprehensive security monitoring – Organize the environment into smaller security zones and maintain separate security controls for each zone. Enforce contextual and risk-based verification of identities at every step.
Adaptive Access Management
Adaptive Access Management is a security approach that uses advanced techniques to analyze user behavior and dynamically adjust authentication requirements based on risk. Adaptive Access Management looks at contextual factors like the user's location, device, and behavior patterns to determine the level of risk associated with a login attempt. If the risk level is low, the user may be granted access with just a password. However, if the risk level is high, the user may be required to provide additional authentication factors or undergo further scrutiny to confirm their identity.
Adaptive Access Management operates on the principle of continuous authentication, which means that users are continuously monitored and authenticated based on their activity. For example, if a user's behavior patterns change, such as accessing resources at unusual times or from unusual locations, the system can prompt for additional authentication or even block access. This proactive approach ensures that only authorized users are accessing sensitive resources, and the risk of data breaches is minimized.
Adaptive Access Management can help organizations balance security with user experience by making the authentication process more seamless and user-friendly. By reducing unnecessary authentication challenges, Adaptive Access Management can help increase productivity and reduce friction for legitimate users, while still maintaining an elevated level of security.
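The risk-based decision and continuous re-evaluation described above can be sketched as follows. This is an added example, not code from NetIQ or any product: the Baseline and Request models, the signal weights and the two thresholds are all hypothetical, and the session data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Baseline:                      # what is "usual" for one user (hypothetical model)
    countries: frozenset
    devices: frozenset
    hours: range                     # usual login hours, local time

@dataclass(frozen=True)
class Request:
    country: str
    device_id: str
    hour: int
    sensitivity: int                 # resource tier: 0 low, 1 medium, 2 high (assumed scale)

# Illustrative weights and thresholds: assumptions, not values from any product.
WEIGHTS = {"new_country": 40, "new_device": 30, "odd_hour": 15, "per_tier": 10}
STEP_UP_AT, BLOCK_AT = 30, 80

def risk_score(req, base):
    """Sum the weights of every contextual signal that deviates from the baseline."""
    score = WEIGHTS["per_tier"] * req.sensitivity
    if req.country not in base.countries:
        score += WEIGHTS["new_country"]
    if req.device_id not in base.devices:
        score += WEIGHTS["new_device"]
    if req.hour not in base.hours:
        score += WEIGHTS["odd_hour"]
    return score

def decide(req, base):
    """Map a risk score to an authentication requirement."""
    if base is None:                 # no baseline for this identity: untrusted by default
        return "block"
    score = risk_score(req, base)
    if score >= BLOCK_AT:
        return "block"
    return "step_up_mfa" if score >= STEP_UP_AT else "password_only"

def evaluate_session(requests, base):
    """Continuous authentication: re-score every request, not only the first login."""
    return [decide(r, base) for r in requests]

# Constructed sample data.
SAMPLE_BASELINE = Baseline(frozenset({"DE"}), frozenset({"laptop-01"}), range(7, 20))
SAMPLE_SESSION = [
    Request("DE", "laptop-01", 10, 0),   # usual context, low-tier resource
    Request("DE", "laptop-01", 23, 2),   # same device, unusual hour, high-tier resource
    Request("DE", "phone-99", 10, 0),    # unknown device
    Request("BR", "phone-99", 3, 2),     # new country, device and hour
]

if __name__ == "__main__":
    for req, verdict in zip(SAMPLE_SESSION, evaluate_session(SAMPLE_SESSION, SAMPLE_BASELINE)):
        print(req, "->", verdict)
```

The same user moves from password-only access to a step-up challenge and finally to a block within one session, because each request is scored against the baseline rather than trusted on the strength of the initial login.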
Adaptive Access Management for Zero Trust
In a study commissioned by NetIQ and conducted by Dark Reading, 87% of security practitioners stated that they have already rolled out Zero Trust or are planning to implement it. Additionally, 61% of respondents said they have implemented Multi-Factor Authentication (MFA) for internal employees, but only 38% have extended it to external users.
Implementing MFA helps enterprises progress towards their Zero Trust objectives. However, it falls short since typical MFA implementations are based on static policies or rule engines. MFA is a more rigid security approach that provides an elevated level of security assurance but may cause friction for users.
Adaptive Access Management is critical for the Zero Trust security model because it enforces the principle of "least privilege" access. This means users are granted access only to the resources needed to perform their job functions. Additionally, Adaptive Access Management provides a layered security approach that allows organizations to respond quickly to changing security threats.
NetIQ Advanced Authentication
NetIQ offers a robust suite of Identity and Access Management solutions that helps in building a zero-trust environment that can be tailored for the simplest to the most complex environments. NetIQ Advanced Authentication is one of the core components of this suite that is vital to delivering on the key principles of Zero Trust.
NetIQ Advanced Authentication allows you to centralize authentication into a single framework and manage it from a single policy console, decreasing costs and increasing security.
It provides the enterprise with the freedom to adopt a wide variety of authentication methods such as FIDO, Biometrics, Proximity cards and many more. It also provides flexibility by allowing the creation of complex authentication chains which go beyond basic 2FA and allow enterprises to factor in the various levels of protection needed for each resource.
NetIQ Advanced Authentication also has the advantage of being able to support a wide variety of platforms, be it Windows, macOS, or Linux. It also supports most enterprise devices, be it standard workstations, mobile devices or even mainframes. Thus, with NetIQ Advanced Authentication enterprises can ensure that no resource is left unprotected.
It can also consume static and behavior risk metrics from the NetIQ Risk Service and ArcSight Intelligence that enable least privilege access via continuous authentication and authorization.