While many organisations are still challenged in achieving zero trust, the principles of zero trust are already widely in use in day-to-day life, helping secure people and organisations better.
This is according to speakers in a webinar entitled: Demystifying Zero Trust, hosted by Liquid C2 and Cloudflare, in partnership with ITWeb.
Shawn Gradwell, Cybersecurity Solutions Architect at Liquid C2, said many organisations were still unsure whether they had achieved zero trust within their organisations.
Amrit Toor, Solutions Architect at Cloudflare, explained: “Zero trust is used in our day-to-day lives – for example, at airports. Airports continuously evaluate the passenger at check-in, baggage check, passport control and at the departure gate.”
“Likewise, in organisations, we need to continuously evaluate users while they are accessing applications. We also need to authenticate users, look for nefarious actors and analyse their behaviours through content inspection, analytics and risk scoring, and look for threats when a user is trying to access resources. Using advanced technology, we must continually inspect the environment so the user can access data safely, we know who the user is, and they aren't exfiltrating any data.”
Gradwell and Toor outlined the Cloudflare Access Zero Trust Network Access solution, which augments or replaces VPNs, manages third-party access and verifies context like identity and device posture to secure access across the entire environment.
In a live demonstration of Cloudflare Zero Trust in action, Toor highlighted the ease of set-up and configuration. He noted that Cloudflare Access audits every request that is made, and allows for the creation of additional security policies such as preventing users from carrying out certain actions. An application launcher page simplifies access for users, and organisations can assign different zero trust policies to various applications. The demo also explained various ways to add a contractor for zero trust network access securely, without installing any agents on their machines.
Gradwell said Liquid C2 – the only Cloudflare Elite partner in Africa – provides Cloudflare Managed Security Services (MSS) and Professional Security Services (PSS). He said Liquid C2 partnered with Cloudflare because of "the brilliant engineering behind their global network, which allows them to offer the zero trust services".
He added: “Cloudflare is very flexible in fitting into how companies work and their architecture, so when organisations are on a zero trust journey with Cloudflare, there are multiple places to start.”
He said: “To ensure you have zero trust enabled, organisations need to follow several core principles: ensure all resources are accessed securely, regardless of location, adopt a least privilege strategy and strictly enforce access control, and inspect and log all traffic. Extended principles include ensuring all components support APIs for event and data exchange, automate actions across environments and systems, driven by context and events, and deliver tactical and strategic value. Cloudflare ticks all these boxes.”
Share