Preempt Blog

The latest insights and advice to keep your company protected from insider threats and breaches

Achieving Zero Trust with Zero Friction

Enterprises have already established the need for Zero Trust security.  The real challenge is how to implement Zero Trust without adding additional complexity and cost for both deployment and ongoing maintenance.   And if we are to follow the key tenants of Zero Trust, how do you continuously assess and challenge users but without creating a painful user experience?  At Preempt, we call the answer to both challenges a Zero Trust with Zero Friction approach. 

At the heart of being able to provide a good, frictionless experience for IT, security, and end-users is the ability to analyze and take action on information in real-time.   The table below summarizes the key principles of Zero Trust and how Preempt approaches them for the best experience possible, without increasing risk or complexity. 

BEST PRACTICE PRINCIPLE  COMMENTS  PREEMPT ZERO FRICTION  
Micro-segmentation  Several approaches are encouraged, including identity-based segmentation. Since 80% of threats involve identity, this is the most effective method to do micro-segmentation.  Identity-based segmentation deploys very quickly without infrastructure changes, works in real-time, and covers on-prem and cloud deployments.  
Enforce Policy Everywhere  Policy creation must be automated and dynamic. This includes legacy systems that may have their own policy systems.  The policy can be system-defined via ML and also user-defined. Attributes are collected from static and 100+ dynamic analytics. This approach reduces the resources required for changes and maintenance.  
Identity Beyond IAM  Identity must provide the risk of both human and application (service) accounts to provide the complete context.  Provides real-time, continuous risk analysis. Can be deployed with or without an end-point user agent when connected to SSO.  

So, we encourage CISOs to ask not just “How can I accomplish Zero Trust?” but rather “How can I accomplish Zero Trust with Zero Friction?”. 

Learn more in our Executive Brief on Zero Trust. 

Topics: CARTA, Multi-factor Authentication,

Posted by Kapil Raina on September 22, 2020 5:19 PM

Product

Brute Force Attacks: Denying the Attacker, Not the User

According tohaveIbeenpwned.com, close to 8 billion accounts have been compromised...

Read More

Developer

What State-Sponsored Attacks Can Teach Us About Conditional Access

People often think that state-sponsored attacks from groups like Lazarus...

Read More

Events

A Simplified Approach to Network Segmentation

Network segmentation has long been one of the most valuable tools for protecting ...

Read More

Research

10 Things You Need to Know About Kerberos

As our research team continues to find vulnerabilities in Microsoft that bypass all major

Read More

Product

Brute Force Attacks: Denying the Attacker, Not the User

According tohaveIbeenpwned.com, close to 8 billion accounts have been compromised...

Read More