Fit for Zero Trust Architecture
According to the Cybersecurity and Infrastructure Security Agency, areas of focus for the Zero Trust model include identities, devices, networks, applications and workloads, and data. Many healthcare IT teams are already using Zero Trust principles. Even maturing one or two of these pillars within your organization can help strengthen your cybersecurity approach.
Strong identity management enables organizations to respond more quickly and accurately to potential threats as they arise. IT teams can better track and report red flags to prompt immediate action to stop potential fraudsters.
The identity attack surface is smaller than the network attack surface. In today’s IT landscape, organizations are not dealing with one large, flat network. Private clouds, public clouds, and on-premises data centers can make your organization’s network reach large and difficult to understand. However, identities, whether on-premises or in the cloud, can extend beyond these scopes. Network segmentation sets the proverbial fence to work within the perimeter. But for identity segmentation, think of a fence guard asking for an identity over and over again. That guard should ask for clearance every time, regardless of how often you’ve already entered the perimeter.
Get the white paper: See how Zero Trust architectures improve data protection.
Challenges of Implementing Identity Segmentation in Healthcare
Of course, when it comes to implementing tighter controls, the battle between usability and security, and business case and risk, escalates. Therefore, it’s important to understand the security landscape across your organization to put things into perspective.
Identity segmentation uses risk-based policies to restrict access based on identity. When trying to implement identity segmentation, setting an exception might seem easier. Perhaps the CEO will decide that the rules apply to all but a handful of leaders. But it misses the point of a zero trust approach and complicates management.
Many in the healthcare industry also need to get comfortable with cloud strategies and move away from on-premises mindsets. For example, the use of a cloud access security broker is considered fundamental today and can be combined with a secure access service edge architecture or software defined his WAN connectivity.
Find out: Why healthcare organizations should start implementing Zero Trust with identity.
Remember the 5 P’s of Identity Segmentation
Good planning prevents poor performance.
Don’t run identity segmentation haphazardly without creating a plan that includes a proof of concept and testing. Avoid working on solutions for short-term purposes.
The plan should ensure that security basics are continuously enforced. For example, do you have visibility and logging enabled? Do you have a basic understanding of network traffic for macro segmentation? Do you have a core identity and access management program that is an ongoing and evolving process?
Full adoption of a Zero Trust framework will take time. While this is a journey to mature each pillar, there are appropriate incremental benefits that organizations can reap to improve their cybersecurity standing.
This article is health techof monitor blog seriesUse . to join the discussion on Twitter. #WellnessIT.
