Book Demo!

One year ago, businesses pivoted to remote working. This forced companies and their IT departments to rethink their remote access policies. One thing became clear – organizations needed to embrace a zero trust access approach to remote working and cybersecurity.

When businesses switched to remote working, they relied on VPNs for remote workers to access network stems. VPNs are built on a trust everyone model. They give users broad access making it easy to move laterally across the network. In many ways, cloud applications that use passwords for access, take a similar approach. Cybercriminals know this and ramped up their attacks on remote workers in 2020.  With entire workforces accessing VPNs and cloud applications on unprotected home networks, companies took on significantly more security risk. (See my previous post, Is It Time to Replace VPNs?)

To address this risk, companies are turning to zero trust access models.

What is Zero Trust Access?

Zero trust network access (ZTNA) is based on the concept of “never trust, always verify” anything and everything connecting to your network before granting access (using the principle of least privilege). The idea is to eliminate trust because we can no longer assume that the entities within a network are trustworthy. This helps limit the lateral movement of hackers and malicious actors.

A zero trust access approach takes into account the reality of today’s IT infrastructure which relies on mobility, IoT, cloud applications and collaboration with partners. In a zero-trust model, users and all resources (servers, databases, devices, APIs, etc) are considered external and need to be routinely verified before granting access.

Zero trust is a modern approach to remote access. It’s been discussed for the last few years but taken on a new priority over the past year. Investing in zero trust solutions companies can decrease their exposure to cyber threats by verifying user, system, or application credentials.  It creates a software-defined perimeter for identity and device-based access making it a strong option for today’s remote workers and cloud-based environments.

Implementation

As more companies rethink their VPN strategies, they are adopting remote employee gateways that leverage zero trust models.  Secure gateways can be created using modern privileged access management software which is designed to support least privilege access and zero trust. It includes point-to=point access to specific services in the destination network for the specific, often sandboxed, applications on the client computer, logging access events, monitoring traffic, enabling supervisors to approve access, and restricting access to users’ locations or time of access.

Even before the pandemic started, our customers were using Xton Access Manager (XTAM) as a secure gateway for remote workers or trusted third-party partners.  With XTAM companies can securely lock their systems and secrets behind their firewall. XTAM is used with secured Active Directory logins, MFA, Approval and Time-based Workflows to safely provide access to only trusted personnel.  XTAM allows you to limit access by account or system, implement just-in-time access and enforce zero trust policies.

Using PAM software in this way provides additional benefits beyond secure access. As an enterprise PAM solution, XTAM provides audit trails, video recording, alerts and notifications. This helps company’s meet compliance requirements even for remote workers with privileged credentials.

TRY XTAM

Hybrid and remote working models are likely to become the norm for many businesses. IT departments need to invest in secure access solutions that go beyond trust all policies of VPNs to zero trust access.

Contact Xton today and learn more about using XTAM for secure remote access.


Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.

Related Posts

Industry

Insider Abuse, Google and Privileged Users

Recent news reports found that Google fired dozens of employees from 2018 -2020 for abusing their access to company data. While insider abuse is not new, it is a growing threat and one that companies Read more…

Industry

Is the Healthcare Industry Doing Enough Around Cybersecurity?

Ransomware, phishing, and cyberattacks in the healthcare sector are increasing. In 2020, healthcare was a top industry targeted by cybercriminals. With the average cybersecurity attack costing $7 million, is your healthcare organization doing enough to Read more…

Industry

Improving OT Security

The Colonial Pipeline cyberattack brings operational technology/OT security strategies to the forefront. According to a CSO article, it’s the lack of visibility into the security status of OT systems likely forced the shutdown of their pipeline Read more…

Copyright © 2020 Xton Technologies, LLC. All rights reserved.