Zero Trust Security Schemas Might Not Be Enough Against Hackers
They’re all the rage, but is there a more secure method?
We’ve talked previously about Zero Trust network architectures and how they can keep endpoints and the network secure. The paradigm in a nutshell: Assume that no interaction is from a trusted source and, therefore, needs to be authenticated, encrypted, or otherwise secured. Cloud solutions certainly figure into the schema, since more require frequent “handshakes” so that users prove they are who they say they are.
And Zero Trust is certainly garnering a lot of attention. In fact, the Biden-Harris Administration has just released a new cybersecurity approach for federal agencies, relying on cloud computing to fend off hackers, hoping to modernize the government’s cyber defenses. According to the Wall Street Journal, this system will require repeated verification of identities to access data—a stark contrast to traditional security frameworks where most interactions that take place behind the corporate firewall are assumed to be legit.
|Zero Trust can keep network assets and data secure,
but a Digital Bunker takes security to the next level.
Yet some would argue that Zero Trust does not go far enough. “Zero Trust as described is unattainable and will hinder productivity,” says cybersecurity expert Michael Abboud, CEO of TetherView. “Traditional Zero Trust solutions allow data to sit locally everywhere, making it impossible to have visibility of control. The proper implementation of this is to force users to a known and secure workplace and quadruple check the user’s identity before they enter.”
His company’s approach to network security: a secure digital workspace, or a Digital Bunker in TetherView’s parlance. In this scenario, users are provided with a single digital workspace that permits business data and email to be accessed from a single point of entry that only gives access after many factors of authentication are verified. While inside the Digital Bunker, user activity is highly monitored, logged, and controlled. For organizations that have even higher levels of sensitivity, a whitelist approach is deployed: Users only access applications, data, or websites that have been screened and approved by the organization’s IT management and security teams.
If this sounds draconian, consider that more than 80% of cyberattacks are the result of inadvertent user behavior (such as clicking on a malicious link) and not direct hacking activity. Given that cybersecurity is cited time and again as the top concern of IT decision makers in Keypoint Intelligence’s surveys, there is certainly a need for this level of network and data security.
As for TetherView’s approach in particular, its Digital Bunker offering combines compliance, 24/7 security, backup, mobility, and single sign-on password management into one platform. Users are never tied to a specific device, location, or Internet connection. Instead, the Digital Bunker delivers a consistent virtual desktop from any connection or device to use from anywhere—all while restricting access to corporate data outside of the controlled workspace.
What Does This Mean for Print?
When it comes to the print environment, Zero Trust entails employing secure pull print solutions so a user must authenticate at the printer to receive a print job. Many mobile-print solutions, as well as Microsoft Universal Print, achieve the same ends since users must enter some sort of credentials before a print job will be released.
The Digital Bunker protects printing security in several ways. First, it provides whitelisting access to business data only from known and protected devices. Second, from such a whitelisted device, printing is restricted to known printers and printing can (in turn) be restricted to only specified classifications of data. The system also provides logging of print jobs and active monitoring printing activity, along with customizable reporting and alerting on printing activities.
Abboud notes that TetherView's digital workspace is equipped to work with federal agencies and other organizations where security and access control are paramount. Granted, the digital vault is likely overkill for many businesses. But given its combination of cloud-accessible virtualized desktop convenience and multi-layered security, it is certainly worth considering for the more security-minded among us.
Subscribers to our Office CompleteView service can log in to the InfoCenter to view our report on best practices in MFP security. If you’re not a subscriber, just email us at firstname.lastname@example.org for more info.