HPE Community
Servers & Systems: The Right Compute
1855257 Members
2606 Online
104109 Solutions
New Article
 
Subscribe to RSS Feed
|
marksimpkins

I have trust issues—you should too

‎02-14-2022 06:00 AM

Traditional approaches to security aren’t keeping up with the threats affecting all businesses. What can “save” us? Zero trust. Mark Simpkins explores what it means and how it can help.  

Blog-Zero-Trust-Simpkins.png

Cybercrime is rising and spreading across businesses from the large enterprise to the small and midsize business (SMB).

While one could argue that a larger enterprise may better absorb the effects of cybercrime, an SMB could be effectively wiped out by a breach of security.

That said, traditional approaches to security are not keeping up with the threats affecting all businesses. What can save us?

A different mindset—trust no one

Well, nothing can truly “save” us, but we can better mitigate threats and protect ourselves. What is critical to the success of our personal relationships can be detrimental to a business infrastructure: trust. Do I trust my wife? Absolutely. Should we extend the same implicit trust to the various devices, applications, services and users who access our business network and infrastructure? Absolutely not.

We need another way. We need to adopt a “zero trust” way of thinking and acting.

What is zero trust? Zero trust is an approach to identity and access management which demands that no user or action or access is trusted by default; all users and devices and applications must prove that they are authorized to access the resources they request. Not just once, but they must sustain that assurance. The benefit is to help prevent breaches, to expose successful breaches earlier, and so prevent or minimize the damage.

In is out and out is in

No, I’m not channeling my inner Cheshire cat with a Mad Hatter riddle. Aberdeen Strategy & Research tell us in their new technical brief “Zero-Trust Initiatives for SMBs in 2022: 5 Trends to Keep in Mind”  that most SMBs today "operate in a computing environment where 'outside' and 'inside' the network no longer has much meaning."

In a non-zero-trust model (which is not uncommon for many SMBs), once a user or device gets inside the network, they are considered "trusted" and can access many of the resources which are then exposed inside the network. What this means is that we should not inherently trust those devices or users merely because they are inside the network already. They could be the breach, right?

Aberdeen tells us that “Zero-Trust is among the Top-5 funded cybersecurity initiatives in 2022, for >90% of all SMB respondents (defined as organizations having between 20-500 employees).” I suggest that if you are not already planning how to incorporate zero-trust into your IT security models and approaches, you had better get going before you’re too late.

Don't trust me, though (wink wink). You can learn more by reading the Aberdeen technical brief and listening to our HPE Tech Talk podcast “How to keep the good guys in and the bad guys out” with Aberdeen VP and Research Fellow Derek Brink.

Mark Simpkins
Hewlett Packard Enterprise

twitter.com/HPE_Servers
linkedin.com/in/mark-simpkins-526a941/
hpe.com/servers

Labels:
0 Kudos
About the Author

marksimpkins

Mark is the marketing manager for the Small and Midsized Segment here at HPE. He blogs on topics of interest that can help our SMB servers and solutions customers and partners.

Top Kudoed Authors Last 30 Days
Author
Kudos
ComputeExperts Avatar
ComputeExperts
2
View all
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.