Through the new realities of working from home, organizations are seeing a substantial increase in the diversity of devices accessing their networks. In a receive survey, due to the pandemic, 86% of IT leaders say at least ¼ of their staff are connecting to the corporate networks through personal and shared devices right now. With not all endpoints being managed, or even owned by the organization, this can lead to different device configurations and software patch levels, increasing the potential attack surface.
Many organizations are implementing a zero trust security model where devices are monitored for health and compliance before granting access to corporate resources. Gaining visibility into the threat landscape is a vital step on this journey.
Zero trust principals; Verify Explicitly, Use Least Privileged Access and Assume Breach. In terms of endpoints, this means always verify all endpoints, inclusive of contractor, partner, guest devices and devices used by employees to access work data, regardless of device ownership. Gain visibility into devices accessing the network and ensure compliance and health status before granting access.
There are a few key rules for securing devices and endpoints in a Zero Trust model:
- Zero Trust security policies are centrally enforced through the cloud and cover endpoint security, device configuration, app protection, device compliance, and risk posture.
- The platform as well as the apps that run on the devices are securely provisioned, properly configured, and kept up to date.
- There is automated and prompt response to contain access to corporate data within the apps in case of a security compromise.
- The access control system ensures that all policy controls are in effect before the data is accessed
As organizations began their Zero Trust journey for devices, access our webinar where we walk through the several considerations for Zero Trust for device management and the steps you can take to implement based on where you on the journey.
- Modern management – devices are registered and managed from the cloud.
- Security configurations – On-prem GPOs analyzed and converted to modern configurations.
- Conditional Access – Access is only granted to cloud-managed and compliant devices and apps
- Device Risk – Endpoint threat detection is used to monitor device risk
- Endpoint DLP – Data loss prevention policies are enforced for BYO and corporate devices.
A Zero Trust approach can significantly strengthen the security posture of your devices and endpoints.
Get started with your Zero Trust Journey for Devices
- Evaluate your current Zero Trust maturity stage to determine where your organization is and how to move to the next stage
- Access the deployment guide for Zero Trust for Endpoints
Leverage the Endpoint manager evaluation Lab Kit