Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

“Zero trust” is not paranoia; it’s the smart approach to security

Linda Musthaler | Jan. 10, 2011
I recently had a one-on-one discussion with Glenn Hazard, CEO of Xceedium, Inc. We talked about the changing nature of IT security and how, despite the fact that companies have spent heavily on perimeter defense, the investments in various technologies haven’t provided the hoped-for and needed high level of security.

Traditional access control solutions focus on giving users access to systems rather than proving their identity. Such a narrow focus can lead to cases of mistaken identity. Unfortunately, identity is one of several critical concerns legacy access control systems do not adequately address. Other key areas include entitlement (credential management), user monitoring, and auditing.

Xceedium addresses all those areas with a “zero trust access control” system bundled into a neat little appliance called a GateKeeper. This solution provides enforcement of least privilege access control policy on users; containment of users to authorized systems; and continuous monitoring and audit-quality logging for compliance and risk management.

Privileged users such as administrators log onto the network via the GateKeeper appliance, which uses very granular company policies to control precisely what each individual user can do and which resources he can see or access. The user is prevented from accessing resources he is not specifically granted access to through a patented procedure Xceedium calls “Anti-LeapFrogging.”

GateKeeper tracks and logs everything a privileged user does; all keystrokes and screens are recorded and reported upon for an easy audit trail and proof of compliance with PCI, HIPAA and other regulations. (Not all privileged users are IT workers; they might be doctors, nurses or other healthcare workers who should not have access to certain sensitive medical records or equipment, or retail clerks or merchants that are prohibited from handling credit card information.) In addition, real-time activity monitoring can prevent a worker from doing something he doesn’t have privileges for by terminating the activity or session and triggering an alert. The activities log can feed into SIEM systems for a more holistic look at security events on the network.

Hazard says that many prospects come to Xceedium looking for a solution to help with compliance issues – which GateKeeper addresses – but these organizations soon learn that this appliance helps to reduce operational risk as well. It’s an opportunity to advance two agendas: meeting compliance mandates, but more importantly, boosting an organization’s security posture by containing privileged users who have the ability (legitimate or otherwise) to do damage to the organization.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.