SaaS News Hubb

Zero Trust Strategy: Part 2 Identity

by admin
May 16, 2022
in Software Development


An Enterprise-wide Identity System has two fundamental requirements:

(1) a holistic view of users, with a strong understanding of their responsibilities and authorities, and 

(2) an ability to verify the identities of users when they attempt to access systems.

 

The good news is that this can be easily accomplished in most existing environments, especially if you have a Microsoft Windows Domain. We’ll take a look at some examples in just a second, but first let’s make sure we understand the specifications. Simply having a Windows Domain doesn’t check the box – you actually have to turn on the required security controls.

Let’s look at an example. Alice, a domain administrator, logs in at 7pm Eastern Standard Time to make some user modifications. Consider these questions:

  • Does Alice normally work nights? 

  • Is Alice based in California, making it 4pm local time for her? 

  • Does Alice’s role involve her making user modifications?

The ZTA concepts go beyond simply assigning roles. You need the context to understand the different types of access, verify the identity when necessary, and retain the ability to restrict access if certain criteria are not met.

An example I love to talk about involves badging systems. Most government spaces require a physical badge to access various buildings or offices. This badge system maintains a log of user activity, including timestamps, though security teams rarely use this information to check for anomalies in user behavior. Through simple automation and connecting the required systems, a check can be performed to validate a user’s physical location and correlate it with their standard behavior on the network.
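The Alice questions and the badge correlation above can be combined into one context check, sketched here as an added example that is not part of the original article. The user record, badge log, site names, decision labels and 12-hour badge window are all constructed assumptions, and time zones are fixed offsets that ignore daylight saving.

```python
from datetime import datetime, timedelta, timezone

EST, PST = timezone(timedelta(hours=-5)), timezone(timedelta(hours=-8))

# Constructed identity records: home time zone (fixed offset, DST ignored),
# usual local working hours, and the actions the role permits.
USERS = {"alice": {"tz": PST, "hours": (8, 18), "actions": {"user_modify"}}}

# Constructed badge-system log: (user, site, badge-in time).
BADGE_LOG = [("alice", "HQ-West", datetime(2022, 1, 18, 8, 5, tzinfo=PST))]

# The login from the article: 7pm Eastern Standard Time (date is constructed).
LOGIN = datetime(2022, 1, 18, 19, 0, tzinfo=EST)

def badged_in(user, site, when, window=timedelta(hours=12)):
    """True if `user` badged into `site` within `window` before `when`."""
    return any(u == user and s == site and timedelta(0) <= when - t <= window
               for u, s, t in BADGE_LOG)

def evaluate(user, action, when, source_site):
    """Return (decision, reasons) for one access attempt."""
    profile = USERS.get(user)
    if profile is None:
        return "deny", ["unknown user"]
    if action not in profile["actions"]:
        return "deny", ["action outside role"]
    reasons = []
    local = when.astimezone(profile["tz"])  # judge the hour where the user is
    start, end = profile["hours"]
    if not start <= local.hour < end:
        reasons.append(f"outside usual hours ({local:%H:%M} local)")
    if not badged_in(user, source_site, when):
        reasons.append(f"no recent badge-in at {source_site}")
    # Anomalies do not block outright; they trigger identity re-verification.
    return ("step_up" if reasons else "allow"), reasons

if __name__ == "__main__":
    for site in ("HQ-West", "HQ-East"):
        print(site, evaluate("alice", "user_modify", LOGIN, site))
```

A 7pm Eastern login is 4pm for a California-based Alice, so it passes the hours check; the same login attributed to a site where she never badged in is sent to step-up verification instead.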

There are two other considerations when looking at an Identity System: Single Sign-on (SSO) and the integration of non-graphical user interfaces. Let’s reference the memo:

As a general matter, users should be able to sign in once and then directly access other applications and platforms within their agency’s IT infrastructure.

 

… an agency’s enterprise identity systems should also be capable of supporting human authentication through non-graphical user interfaces, such as scripts and command line tools

 

There are many SSO solutions out there. What works for your organization will depend heavily on what types of systems you have in place and what type of architecture you have (on premises, virtual, cloud, etc.). For instance, Microsoft maintains its own SSO solutions, but Okta is a vendor that provides a solution for many organizations with a distributed, non-Windows domain environment.

And you can’t forget about non-graphical systems, scripts, and command-line tools! A common example is a Windows domain with proper controls set up, but with a Linux server inside that network hosting some application. Because that server has more relaxed restrictions, attackers can use it to pivot and bypass the existing controls. Implementing a solution for this may require a deeper technical engineering plan, but it is nonetheless important.


