According to Tarun Desikan, Banyan Security COO & Co-founder, the vulnerabilities around many remote working systems shows the importance of the Zero Trust approach. This type of approach can be utilized by employees, developers, and third parties to work from anywhere accessing corporate data without relying on network-centric solutions like VPNs.
Tarun Desikan considers a real-life case from the U.S.: “With Congresswoman Nancy Pelosi’s laptop being stolen recently, device loss has been on the minds of security folks.” (Riley Williams has been accused of taking part in the Capitol riot and stealing Nancy Pelosi’s laptop).
In terms of what can be done, Desikan describes: “Full disk encryption and well-chosen passwords help.” However, more can be done.
Desikan explains that “When a laptop is stolen, thieves don’t just get the data on the device itself, they often get the keys to anything that device and its user’s credentials had access to. That’s why zero trust is such an important concept in cybersecurity.”
With Zero Trust, every attempted access is subject to strong authentication. In addition, the accessing device is checked for authority to access.
By Zero Trust, Desikan means: “The ‘Trust no one’ approach, including not trusting users or devices even though they are within a network or have been trustworthy before. I sleep better at night knowing that our Zero Trust system allows me to invalidate a device’s certificate upon loss or theft, rendering it unable to connect to any of my organization’s resources, regardless of what credentials a bad guy has.”
Desikan concludes, simply and to-the-point: “That’s powerful. That’s ‘device trust’.”
