The 2020 Forrester Risk and Security conference was held virtually earlier this week and though the topics ran the gamut, including our presentation about our partnership with San Francisco, there was one that stood out as the dominant one: Zero Trust.
Zero Trust refers to the idea that trusting anyone—including employees—in the world of security can lead to your downfall. You must secure every vector, every communication, every piece of data.
And that was the constant theme of many of the presentations at the Forrester event.
It started with the framing of the beginning of the work-from-home era as the beginning of the Zero Trust era— ZT Day, for short. That was the day that the perimeter officially evaporated and companies, overnight, had to adopt Zero Trust. The rapidity of that undertaking was unprecedented, and it understandably led to gaps, particularly in the early days of lockdown when employees were falling prey to COVID-related phishing scams, and were adjusting to working from different devices, on not-always-secure networks. In many ways, that transition to Zero Trust is still underway at many companies.
The conference then went on to discuss that as the perimeter as dissolved and credentials proliferate into the thousands, the idea of risk and tolerance is introduced. With so many accounts having to be secure, how do you prioritize? Which are less risky than others? Can you trust any of them?
Zero Trust is also particularly relevant given that, according to Forrester, insiders are responsible for 25% of all data breaches. Because companies trust their users, they often have license to download and look at whatever they want, no matter the sensitivity. The Zero trust model is one way to stop that—and it's exactly why Avanan secures internal email.
Beyond that, conference panelists spoke of the importance of App control in the cloud, since attackers can easily exploit vulnerabilities in trusted apps, or takeover Allow-listed apps with malicious code. Just because you've used Dropbox for awhile doesn't mean it can't be overtaken.
Finally, the discussion expanded past the cloud into network and endpoints, from smart campuses, to vendor management to Zero Trust on the edge.
You need to treat every account, every credential as it could be a threat.
That's how Avanan approaches security. We secure the entire business ecosystem. We start with all your email—inbound, outbound and internal—and gives you complete visibility to every user, configuration, permission change so that we can monitor and stop account takeover.
Avanan practices zero-trust in every way we secure your business. It's why we're Gartner's 2019 Peer Insights Customers' Choice for Email Security.