Many cyber criminals rely on being able to impersonate an employee in order to access an organization’s information. If they can impersonate an employee on the network, they will have access to everything that employee has access to.
As mentioned in a How-To Geek article, “In a traditional security setup, there’s a built-in assumption that anyone with legitimate access credentials is [trusted]. Remember that line from Star Wars? The one that goes, ‘It’s an older code, sir, but it checks out.’? That’s the sort of security we’re talking about here.”
This level of security implicitly trusts anyone who has the credentials to log in to or access an organization’s network: once you’re past the “gate”, you have access to the entire kingdom.
Zero-trust cyber security architecture assumes that just because someone was let into the kingdom, it doesn’t mean they are free to do whatever they want.
“In a zero-trust system, every file, resource, service, or anything that’s on the network has its own security requirement [including all software and applications]. This means no one gets to access something if they don’t have explicit permission. It also means that just because someone is physically on your premises (plugged into a network jack, for example), they aren’t given access to your systems.”
Basically, in a zero-trust network, everything is segmented so that even if there is a breach, access is limited to the small segment of resources to which those credentials are tied. If the criminal tries to run ransomware or malware, it won’t be allowed because those applications are not trusted.
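To make the difference concrete, here is a small added sketch (not from the quoted article or from any product) that compares what one stolen set of credentials can reach under each model. The resource names, user names, grants and application names are all constructed for illustration.

```python
# Added illustration: every name below is a constructed sample value.
RESOURCES = {"payroll-db", "hr-files", "crm", "file-share", "build-server"}

# Zero-trust grants: explicit (identity, resource) pairs. Anything absent is denied.
GRANTS = {
    ("alice", "crm"),
    ("alice", "file-share"),
    ("bob", "payroll-db"),
}

# Applications explicitly trusted to run. Everything else is blocked by default.
APP_ALLOWLIST = {"crm-client", "office-suite"}


def perimeter_allows(credentials_valid, resource):
    """Traditional model: valid credentials open every resource behind the gate."""
    return credentials_valid


def zero_trust_allows(identity, credentials_valid, resource, on_premises=False):
    """Zero-trust model: valid credentials AND an explicit grant for this resource.

    on_premises is accepted but deliberately never consulted: being plugged
    into a network jack confers no access.
    """
    return credentials_valid and (identity, resource) in GRANTS


def blast_radius(identity, model):
    """Resources reachable by whoever holds identity's stolen, still-valid credentials."""
    if model == "perimeter":
        return {r for r in RESOURCES if perimeter_allows(True, r)}
    if model == "zero-trust":
        return {r for r in RESOURCES if zero_trust_allows(identity, True, r)}
    raise ValueError(f"unknown model: {model}")


def may_execute(app):
    """Default-deny application control: only allowlisted applications run."""
    return app in APP_ALLOWLIST


if __name__ == "__main__":
    for model in ("perimeter", "zero-trust"):
        print(model, sorted(blast_radius("alice", model)))
    print("unknown-encryptor.exe allowed:", may_execute("unknown-encryptor.exe"))
```

With the same stolen credentials, the perimeter model exposes all five resources, while the zero-trust model exposes only the two that were explicitly granted to that account.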
Almost every day there are reports of massive data breaches or of individual people falling victim to their credentials being stolen and suffering financial or other types of damage. Using a zero-trust approach significantly reduces the ability of cyber criminals to cause damage to your network.
If you are concerned that a cyber criminal could access the entire kingdom with any legitimate credentials, let alone an “older code that checks out”, Birmingham Consulting provides complimentary and confidential cyber security risk assessments that will identify vulnerabilities and areas where your company is at high risk: https://www.birmingham.ca/consult/