Extending Zero Trust Continued: Taking the Idea of “Trust Nothing” a Step Further | #emailsecurity | #phishing | #ransomware


Recently Votiro’s VP of Customer Success and Sales Engineering, Henry Frith, and the DNSFilter team hosted a joint webinar discussing the importance of extending Zero Trust. If you haven’t had a chance to view their conversation, you can watch the webinar here. 

So, what does “extending Zero Trust” mean? Our experts are weighing in on the transformation companies can make by implementing an updated security position and why the Zero Trust framework is essential.

Why is it becoming increasingly important to NOT inherently trust internal assets or internal requests the way we used to?

“The dramatic increase in remote work coupled with data being distributed across an incalculable number of applications, services, and devices renders it imperative to never trust, but verify,” commented Director of Product Operations, Aliese Alter. 

Henry Frith of Votiro agrees. “Data is the lifeblood of any business,” and in order to operate in a productive manner, files and content must be able to move through the company freely. Threat actors have become increasingly sophisticated at disguising themselves in “unscannable” files and sharing those files through legitimate emails, making them nearly impossible to detect when using traditional security solutions. Even documents shared within the company can pose a risk if not properly scanned and sanitized.

What shifts are you seeing in your conversations with customers and prospects around the adoption of Zero Trust? 

“Conversations tend to move in multiple different directions,” mentioned Henry Frith. “How do these files move through the organization? We tend to talk about security not just around the file, but how the systems are secured and configured.” The Zero Trust framework is an essential piece in building a complete security solution for businesses. As the term “Zero Trust” becomes more popular in conversations around security, we see a growing interest in how companies can adopt a Zero Trust approach to protect their files and data. 

“I think one question that comes up a lot is ‘What does this even mean?’ And often, that means educating the customer on the concept as a whole and elaborating that this is not personal. ‘Zero Trust’, without context, can be taken the wrong way. The goal has to be to make it clear that this is all about not trusting systems in an effort to protect end users—not a matter of distrusting internal employees. But the conversation has shifted from end users never having heard of the concept to the point where now they’re asking me about it, because it’s a term they’ve heard. There is more awareness around the term, but education is still needed around the concept. That’s where I will often give the example of how we used to address requests before Zero Trust. We used to inherently trust that a request was safe because it was coming from a certain location. Now, there is no automatic trust. We need to verify first.”

Is there anything that you think is halting Zero Trust adoption?

Aliese and Henry have broken down what they believe to be the biggest hindrances in businesses adopting Zero Trust.

  • Additional Work Required By Teams:

Whether administrative or from a user-level expectation, people are hesitant to take on a solution that requires additional bandwidth when it comes to securing their content and data. For the most part, users and security teams want solutions that are low-lift to implement and can be deployed without disruption to their current security configurations and flow.

  • Lack of Knowledge Around Zero Trust:

People are generally more scared of what they don’t know. Individuals, teams, and companies are often hesitant to implement solutions and processes that feel unfamiliar. This is why the discussion of Zero Trust becomes increasingly important as zero-day threats give rise to massive breaches of data. 

How can these two solutions work together for the end-user for a layered security approach?

“Email is the most common method people send files, and DNSFilter can protect networks from precarious content. However, DNSFilter doesn’t inspect the file attachment, which is where Votiro comes in. Votiro offers a solution which ensures the attachments coming into the organization via email are free of malicious fragments,” said Aliese of DNSFilter.

Votiro Cloud can integrate seamlessly with solutions like the one DNSFilter offers, to provide a comprehensive security solution that gives users and businesses peace of mind at every stage. DNSFilter protects end-users from malicious domains as they work online, creating a safer digital workplace that also enables content filtering to enhance productivity. 

To learn more about our solutions and how we can help businesses adopt a Zero Trust approach to securing content, visit the links below.

Schedule a demo with DNSFilter! 
Schedule a demo with Votiro!

*** This is a Security Bloggers Network syndicated blog from Votiro authored by Votiro. Read the original post at: https://votiro.com/blog/extending-zero-trust-continued-taking-the-idea-of-trust-nothing-a-step-further/



Original Source link

Leave a Reply

Your email address will not be published.

two + three =