Photo by Jack Dong on Unsplash
Zero Trust as a security strategy
Beyond the Patch
Even if you don't want to hear it, European IT is not necessarily known for being hyper-innovative – for a variety of reasons. Successful startups, for example, are far less likely to be launched in Europe than in the US, and not because no bright minds with smart ideas are on the east side of the Atlantic, but because of the structures of the industry as such. The much-quoted bon mot "we've always done things this way" contains more than a shred of truth. Anyone who has ever experienced a European IT company from the inside will know what I mean when I say that the impression is more of an archeological excavation site than a technology company.
Wrapped up in this dilemma is enterprise devotion to endpoint security in a local network, which encounters problems when administering clients outside that network and necessarily feeds the VPN revenue stream. However, rebuilding your infrastructure to implement a zero trust concept will pay off in the long run with less complexity and higher effectiveness, especially for employees outside the local network, which in today's environment, can easily be the majority of a work force.
Standards from the Last Century
One area in which this can be seen more clearly than in almost any other is security. Partners from the US or Israel who regularly work with large German corporations (my milieu) are amazed at the standards of security and compliance that are still commonplace in this country.
Stating that access to your own email on a smartphone is supposed to be linked to a mobile VPN "because of security" often leads to bewilderment among observers. Likewise, that many large European corporations still force employees to change their passwords on a regular basis raises an eyebrow among others. This confusion is understandable, because it has long been shown that users simply change their existing password by just one
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Arm yourself against cloud attacks
We present approaches and solutions for protecting yourself against attacks in the cloud. -
Zero trust planning and implementation
The many facets of the zero trust implementation process can be a source of frustration, which is why we offer a step-by-step guide to implementing zero trust models to help you make state-of-the-art IT security become a reality. -
Five Kubernetes alternatives
Many admins consider Kubernetes the obvious choice for managing containers; however, don't ignore the highly efficient alternatives just because they are less prominent. -
Vagrant, Serf, Packer, and Consul create and manage development environments
Four open source tools – Vagrant, Serf, Packer, and Consul – facilitate a developer's work by each handling one specific task elegantly. - IBM Set to Acquire DevOps Startup BoxBoat