Today’s business innovations continue to undergo deep digital transformation. Consequently, corporate networks, infrastructures, applications and data are moving quickly beyond traditional on-premises profiles (e.g., to the cloud, Edge, mobile devices, value-chain partners, etc.). Through this transformation, the workforce ramps toward previously unachieved flexibility, agility, and business cooperation with third-party partners. The enterprise additionally needs to offer a flexible and agile work environment to its workforce, enabling employees to work from anywhere they want, at any time, while maintaining control over its security. This opportunity provides numerous benefits including productivity, “bring-your-own-device” (BYOD), tools and solutions for customization/individualization, and the opportunity for greater work-life balance.

The traditional “fortress” approach is ineffective

The profile of business processes, supported by Information Technology (IT) and Operational Technology (OT), has already (and necessarily) extended beyond internal footprints. In fact, integration not only reaches third-party systems but also extends to connected objects over any available network (e.g., the Internet of Things, or IoT), blurring the IT/OT frontier. Establishing boundaries that separate internal and external business technology elements has grown more complex over time and is extremely difficult to achieve without excessive effort and cost. The traditional “fortress” approach is therefore ineffective in these circumstances, and these business realities portend that enterprises should even consider accepting the “breach” by embracing the omnipresence of IT’s processes and data flow.

Enterprises should no longer assume that everything inside the internal private network perimeter is trusted by default and that no internal business technology element is sitting outside of it. Enterprises relying on this assumption are at risk! Several technologies and security frameworks have been developed to address those challenges over time, but only a complete change of paradigm would provide an efficient and long-term solution. Indeed, the fortress approach relies heavily on network perimeter security controls and whitelisted subnetworks as proof of trust, and such an approach brings some key challenges.

Zero Trust is a philosophy, not a product!

A new set of principles must therefore be defined when designing our information systems and, consequently, their security controls, in order to maximize the enterprise’s overall security posture and reduce risks.

Those principles are not new concepts. The need for well-designed and implemented access enforcement and monitoring guidelines has been well documented through authoritative standards, even if these guidelines were not called “zero trust”.

Atos Leadership in Zero Trust

Atos introduced the Zero Trust approach in its Journey Thought Leadership publication, researched and developed by the Atos Scientific Community 8 years ago, and significantly leveraged it in patents like Data Ridden Security, which has been further developed within Atos R&D labs. Proven outcomes can be found in Atos’ existing services and products portfolio, such as:

  • Atos zero trust network access service
  • Atos Managed Detection and Response (MDR) which uses the Zero Trust collection of concepts and ideas
  • Zero Trust threat detection and response powered by Atos AIsaac Artificial Intelligence
  • Atos commercial products featuring Zero Trust Intellectual Property: Identity and Access Management (IAM) software suite, Public Key Infrastructure, Certificates Management and electronic signature suite, Hardware Cryptography

By Purshottam Purswani

Posted on November 10 2021