In an increasingly digital world with ever-growing cyber threats, the need for robust cyber security strategies is paramount. This is where Zero Trust 2.0 – a comprehensive framework developed by the Cybersecurity and Infrastructure Security Agency (CISA) – comes into play. We have already reported on this in another blog article.
Zero Trust 2.0 builds on the principles of zero-trust architecture and introduces five interconnected pillars to create a stronger defence against today’s cyber threats. Our blog series will look at each of the pillars and showcase specific measures and approaches that can be used to achieve an advanced level of security with existing technologies.
One pillar of Zero Trust 2.0 focuses on the security of devices – the basis of our digital world in terms of cyber security. From laptops and smartphones through to IoT devices: while these endpoints connect us to the digital universe, they also represent significant vulnerabilities. This is where device security comes into play with Zero Trust 2.0.
In this section, we will look at the critical aspects of this pillar and examine specific measures and approaches you can take to raise your device security to an advanced level – all using existing technologies.
To achieve an advanced level of security, companies should:
At the heart of device security lies the principle of constant vigilance. While traditional security models relied on protecting the environment, Zero Trust 2.0 recognises that threats can also come from within and that they can adapt quickly. Implementing EDR solutions can minimise these risks.
EDR goes beyond traditional antivirus software by continuously monitoring endpoints for suspicious activity. If a potential threat is detected, the EDR solution reacts in real time and isolates the device or takes the necessary measures to neutralise the threat. This level of proactive protection is essential in today’s threat landscape.
The ubiquity of mobile devices in everyday professional and private life makes them a prime target for cyber criminals, so it is crucial to extend the principles of Zero Trust to these devices. Mobile device management (MDM) systems play a central role here and enable companies to enforce security policies for mobile devices. They also guarantee that these devices are patched to the latest standard, that encryption is activated and that they are configured securely, all of which helps to ensure that mobile devices do not become weak points in the security chain.
Ensuring that only authorised persons and devices can access your network is a cornerstone of Zero Trust. NAC solutions offer the opportunity to do just that. They enforce policies that grant or deny access based on device status and identity. For example, a device that does not have up-to-date anti-virus software or has known vulnerabilities can be denied access to sensitive resources until it satisfies the security standards. NAC thus increases security by ensuring that only trusted devices can connect to the network. This reduces the attack surface and optimises the zero-trust approach.
An advanced level of device security requires a holistic approach. It is not enough to rely solely on one technology or strategy. Companies should therefore integrate EDR, MDM and NAC into a standardised security framework. These technologies work in tandem and together form an optimal defence against threats at the endpoint – based on Zero Trust. In addition, regular security assessments and penetration tests can reveal weaknesses in your device security strategy and enable continuous improvement.
The implementation of the zero-trust framework requires careful planning. A key aspect is the categorisation of endpoints for the Zero Trust Network Access (ZTNA), be it based on agents or communication behaviour – even for IoT devices.
Categorising all endpoints is essential for creating security rules on a firewall or policy enforcement point (PEP). In this way, each device is identified and access is only granted to authorised end devices.
However, categorising endpoints is only one part of the puzzle. Further information must be taken into account for a full implementation of the ZTNA approach. This includes:
Organisations can achieve a higher level of security and compliance by implementing these technical measures and continuously monitoring endpoints. The combination of all these factors enables precise and adaptive control of network access by end devices, which corresponds to the zero-trust principle.
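The NAC posture check described above and the endpoint categorisation for the policy enforcement point can be modelled in a few lines. The following is an added example, not code from the blog or from CISA: the device taxonomy (laptop, mobile, iot, unknown), the resource tiers (guest, internal, sensitive), the 30-day patch threshold and the device records are all constructed assumptions; the verdicts show how a PEP grants, quarantines or denies access based on category and posture rather than on network location.

```python
from dataclasses import dataclass
from datetime import date

MAX_PATCH_AGE_DAYS = 30  # constructed threshold for "patched to the latest standard"

@dataclass
class Device:
    device_id: str
    category: str        # "laptop" | "mobile" | "iot" | "unknown" (assumed taxonomy)
    mdm_enrolled: bool   # enforced by the MDM system
    edr_healthy: bool    # EDR agent present and reporting
    disk_encrypted: bool
    patch_date: date
    known_vulns: int     # open findings from the vulnerability scanner

def posture_findings(dev: Device, today: date) -> list[str]:
    """Collect the posture gaps that MDM/EDR telemetry would report for an endpoint."""
    findings = []
    if not dev.mdm_enrolled:
        findings.append("mdm-not-enrolled")
    if not dev.edr_healthy:
        findings.append("edr-unhealthy")
    if not dev.disk_encrypted:
        findings.append("disk-not-encrypted")
    if (today - dev.patch_date).days > MAX_PATCH_AGE_DAYS:
        findings.append("patch-stale")
    if dev.known_vulns > 0:
        findings.append("known-vulnerabilities")
    return findings

# Findings that block a tier; "internal" tolerates open vulnerabilities (logged
# but not blocking), "sensitive" tolerates no gap at all (constructed policy).
BLOCKING = {
    "internal": {"edr-unhealthy", "patch-stale", "disk-not-encrypted"},
    "sensitive": {"edr-unhealthy", "patch-stale", "disk-not-encrypted", "known-vulnerabilities"},
}

def access_decision(dev: Device, tier: str, today: date) -> tuple[str, list[str]]:
    """PEP verdict ('allow' | 'quarantine' | 'deny') plus reasons for one resource tier."""
    if dev.category == "unknown":
        return "deny", ["endpoint not categorised"]      # identify first, then decide
    if dev.category == "iot":
        # Agentless devices are categorised by communication behaviour only and
        # are confined to the guest/IoT segment.
        return ("allow", []) if tier == "guest" else ("deny", ["agentless device restricted to IoT segment"])
    findings = posture_findings(dev, today)
    if tier == "guest":
        return "allow", findings
    if "mdm-not-enrolled" in findings:
        return "deny", findings          # unmanaged device: no channel to remediate it
    if any(f in BLOCKING[tier] for f in findings):
        return "quarantine", findings    # remediation network until it satisfies the standard
    return "allow", findings
```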
To summarise, device security within the concept of Zero Trust 2.0 forms the foundation of any robust cyber security strategy. Companies can strengthen their digital line of defence by implementing EDR for continuous vigilance, MDM for mobile device control and NAC for targeted access control. The advanced level of device security is not achieved through a single measure, but through a comprehensive, integrated approach that adapts to the constantly changing threat landscape.
The implementation of suitable technologies and strategies helps to ensure that your devices become reliable partners in the digital world and not vulnerable weak points. This is crucial to protect yourself in an increasingly complex and threatening digital world.
The second part of the blog series will look at another important aspect of Zero Trust 2.0: identities. In the dynamic threat landscape, controlling access to your digital realm is of immense importance – and identities are the gatekeepers.
Our blog series "Zero Trust 2.0 - Implemented in 5 steps" gives you a complete 360° perspective:
Part 1: Device security
Part 2: Identity management
Part 3: Network security
Part 4: Data security
Part 5: Analytics and automation
We wish you an inspiring read.