Your IT Support Experts

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

(205) 208-0340

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

TS3 Technologies Blog

TS3 Technologies has been serving the Alabama area since 2011, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Don’t Trust, Verify: How John Kindervag Shifted Our Approach to Security

Don’t Trust, Verify: How John Kindervag Shifted Our Approach to Security

Businesses of every size need to prioritize their security. This fact has not changed and will not change anytime soon. What has changed, however, are the recommended ways to approach this security.

Today, we wanted to review the history of today’s predominant cybersecurity advice and explore how the zero-trust security model applies.

Meet John Kindervag, the Godfather of Zero Trust

Once an apprentice to be a typewriter repair specialist before transitioning into the role of broadcast engineer and then diving into the world of computer animation (and building his own high-end computers in his spare time), Kindervag ultimately credits the video game Doom for his interest in networking.

How a Game Inspired Today’s Most Effective Network Security Strategy

Under the pretense of using it to transfer animated files (which were too large to be shared in this way at the time), Kindervag convinced his bosses to allow him to build an ethernet network to more effectively support the after-hours multiplayer LAN (local area network) parties that were held in the office.

He wasn’t the only one, by the way… many advancements in computing and networking were initially made in the interest of playing Doom (no word on whether they were primarily using it to play the cooperative multiplayer campaign or the player versus player deathmatch mode).

However, as he worked on these networks, Kindervag realized they were inherently insecure, with little attention paid to their security in favor of routing and switching. With the only protection being a firewall to keep threats out, there was little stopping users from removing data from the network. The trusted, internal network that the business maintained could easily allow data to be shared to an untrusted, external network… like the Internet.

John saw this as “insane”—his word for it—and concluded that all interfaces should have zero inherent trust. Hence, the zero-trust framework.

How Zero-Trust Works

To create a zero-trust system, there are five critical steps that an organization must take:

Step One: Defining the Protect Surface
As Kindervag puts it, “Zero Trust inverts the traditional problems of cybersecurity. Instead of focusing on what's attacking you, it focuses on what I call the Protect Surface. What do I need to protect?”

In other words, you need to identify all the data you have that needs to be protected, whatever form that data takes. Only then will you know the scope of your data protection needs and be able to cover them adequately.

Step Two: Mapping Your Data
So, once you know what data you possess, you need to fully understand how the rest of your business and its IT infrastructure interact with it. Which users need access to what, which applications regularly access this data, and how is your infrastructure set up to store and transfer it? This information is critical to the next step.

Step Three: Designing an Architectural Framework
With all these insights in mind, you must then create a framework that meets all of the above needs and requirements, explicitly considering your IT infrastructure and its construction. While some frameworks may ultimately look similar, any zero-trust strategy needs to be customized to the individual business—hence, all the audits and mapping.

Step Four: Creating Your Zero-Trust Policies
With your network designed to be more security-focused, you need to identify and dictate who can access what, how and when they can, from where, and for which purpose. This goes for every user, role, device, and network, as any of these could be used to access information without authorization.

Step Five: Monitoring and Enforcing Compliance
Finally, you’ll want to actively monitor your network to identify any oversights or loopholes in your zero-trust implementation. This will allow you to make corrections that resolve security issues and potentially optimize your business network's performance.

Some Pieces of Advice from Kindervag

First and foremost, Kindervag reminds us all that security issues like ransomware and other attacks—the kind that zero-trust actively helps mitigate—are not prejudiced against any kind or size of business. As a result, everyone is a target, and the impacts of a cyberattack can easily have severe real-world repercussions in our highly digitized society… and not always the kind you might expect. 

Kindervag refers to a ransomware attack targeting a Swiss Alps dairy farmer and his milking machines. While the farmer could still manually collect milk from his livestock, he couldn’t access the telemetric health data that may have prevented one of his cows from dying.

Emotional losses from losing an animal aside, that’s potentially a few hundred dollars of profit each year, just gone.

Kindervag also points out that many large businesses are still about as prepared as this farmer was to deal with ransomware, even though computer systems and their processes directly impact a modern business’ success. Therefore, according to Kindervag, the most intelligent and cost-effective approach is to be proactive in fighting cybersecurity threats.

We Agree, and We Can Help

If you’d like advice and assistance in keeping your business secure and productive in the face of modern cybersecurity issues, call TS3 Technologies at (205) 208-0340 to find out what needs to be done to implement a zero-trust approach.

Five Cybersecurity Red Flags That Are Often Missed
How to Secure Your File-Sharing Practices for Impr...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, December 23, 2024

Captcha Image

Customer Login


News & Updates

TS3 Technologies is proud to announce the launch of our new website at http://www.ts3.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.

Contact Us

Learn more about what TS3 Technologies can do for your business.

TS3 Technologies
3 Riverchase Office Plz Ste 226
Hoover, Alabama 35244