Security concerns hit the headlines yet again recently as a significant wi-fi vulnerability caused trouble for many organizations. Unlike a software bug, or targeted attack on a specific company, this problem was much more far reaching as put simply, wi-fi is everywhere.
It is a virtually universally accepted expectation and many businesses roll wi-fi out without thinking about the consequences. In and of itself wi-fi is a security risk for organizations, which is often underestimated. The reality is that it hugely increases the attack surface of a company, opening numerous backdoors and making the task of perimeter control virtually impossible. So when the already difficult nature of wi-fi is coupled with a vulnerability such as Krack, which allows hackers to intercept a connection, businesses have a serious problem.
Organizations need to wake up to the fact that, from its sprawling nature to weaknesses in the inbuilt security, attempting to secure network infrastructure itself is futile. The sheer complexity of the task only results in security holes and vulnerabilities that can be exploited. Instead they should look to a security overlay approach that doesn’t care what a network looks like, but instead focuses on protecting the data as it travels across it, taking a Zero Trust approach.
Zero Trust, the idea that nothing – not devices, users or infrastructure – can be inherently trusted, is a concept gaining traction in the security space. It assumes that everything on the network is trustless and access is given based on role, therefore each user or device is given access to only the data and applications needed to carry out their role within the organization. The simplest way for organizations to implement this is to stop trying to secure the infrastructure itself and look at a security model based on access control.
When access is based on Zero Trust and you underpin this with cryptographic segmentation, in the event of any breach the attacker is contained to that specific segment or application only; lateral movement is impossible – this makes it feasible for organizations to embrace a security model built on breach containment, rather than prevention and detection alone. Which means that, if for example a device is compromised as a result of a Wi-Fi vulnerability, the data to which hackers can gain access is constrained and rendered useless.
Security thinking needs to change. This latest vulnerability should open the eyes of organizations to the need to move away from the concept of owned and unowned networks or infrastructure. It highlights once again that infrastructure is spiralling out of the control of CISOs and they need a new way to secure the data that their network holds. They must instead of infrastructure, consider only users, applications and secure access – and the security industry must facilitate that shift to ensure there is a positive move forward in the battle against the increasing cyber threat.
Contact Contact Certes Networks today to find out how our Zero Trust security solutions can help put CISOs back in control of your organization’s security.
To learn more about Zero Trust watch our latest video https://youtu.be/EZIAa0Or04E.