Connect with us

Hi, what are you looking for?

Economy

IBM exec advocates ‘zero trust’ approach to security 

Companies that employ “zero trust”  an approach to security that relies on continuously verifying the trustworthiness of every device, user, and application in an enterprise — had a smoother transition to working from home than those that didn’t, according to a study by Enterprise Strategy Group (ESG), an IT analyst, research, validation, and strategy firm. 

According to the study, released in April, 45% of organizations who were more mature in their zero trust strategies adjusted better to telework as compared to 8% of those that were less mature. 

“We have many applications in the cloud, and we manage many devices especially in IoT (Internet of Things). Zero trust helps us manage this new environment and protect Dow’s information,” said Mauricio Guerra, chief information security officer of plastics manufacturer Dow Chemical Company, at IBM’s Think Conference 2021, a two-day virtual conference that ran May 11–12. 

With their users, data, and resources spread around the world, companies have to prioritize securing potentially sensitive or confidential data at every layer of the organization.  

KEEP YOUR OWN KEY
At the same conference, IBM Systems senior vice-president Tom Rosamilia said that there are three core principles to the zero-trust approach: least privilege access; never trust, always verify; and assume breach.  

Open security, he added, is critical to the success of zero trust. Open-source software is code that is designed to be publicly accessible — anyone can see, modify, and distribute the code. IBM has been betting on open source for a long time, said Mr. Rosamilia, with its subsidiary Red Hat enabling community-driven innovation. Benefits of using open-source software, according to Red Hat, include lower cost, transparency (which reduces software bugs), and collaboration (which accelerates innovation). 

Mr. Rosamilia also warned against relying on a single provider. “Customers have key control [of their data],” he said. “It’s called keep your own key. Don’t entrust your data to anyone  not us, not anyone else.” 

TIPS FOR IMPLEMENTATION
Although zero trust offers improved security, it is not easy to put in place, according to a 2020 Forrester Research paper. It’s a gradual process requiring security teams to coordinate and understand the context behind all the connections occurring in the business: data, users, devices, applications, and workloads. Four tenets can be considered to be successful with zero trust, said the paper: 

  • Define context-organizations need to understand what users, data, and resources are connecting across the business to create coordinated security policies aligned with business goals 
  • Verify and enforce- organizations need to continuously verify that each and every connection is acceptable and trustworthy at that moment 
  • Resolve incidents- organizations need to always plan for anomalies such as new business situations or incidents stemming from unknown threats 
  • Analyze and improve- organizations need to realize that security is never “done” and continually improve their security posture by adjusting policies to make faster, more informed decisions 

“My advice would be to start by developing a growth map,” said Dow Chemical’s Mr. Guerra. “Where do you want to be? How will you get there? This will change over time, but you need a road map to make sure you’re heading in the right direction.” — Patricia B. Mirasol 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the daily email that makes reading the news actually enjoyable. Stay informed and entertained, for free.
Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

Latest

Economy

Leading digital solutions platform Globe was recently recognized by the ASEAN Innovative Business Platform (AIBP) for being a trailblazer on environmental, social, and governance...

Economy

  Spotlight is BusinessWorld’s sponsored section that allows advertisers to amplify their brand and connect with BusinessWorld’s audience by enabling them to publish their...

Economy

NEW TAXES may have to be introduced to fund the incoming Marcos administration’s priority projects, but the timing would have to be carefully considered,...

Economy

By Revin Mikhael D. Ochave, Reporter AS FERDINAND R. MARCOS, JR. is poised to assume office on June 30, business groups are hoping the...

Economy

THE PHILIPPINES may find it more costly to service its foreign debts, as the peso slumped to its weakest value against the US dollar...

Economy

By Arjay L. Balinbin, Senior Reporter SPECTRUM USER FEES (SUF), which telecommunications companies described as excessive, are unlikely to be lowered under the Marcos...

You May Also Like

Investing

Having a good Instagram marketing agency to back up your Instagram account is an absolute must going into the new year. With competition stronger...

Economy

Ivermectin, an existing drug against parasites including head lice, has had a checkered history when it comes to treating COVID-19. The bulk of studies...

Investing

Insomnia is the most common sleep disorder in the global population. Therefore, it is a problem that many people suffer or have suffered throughout...

Investing

As a traditionally rigid insurance industry becomes bogged down by antiquated processes and operations, a handful of industry leaders are seeking to shake things...

Disclaimer: SmartRetirementReport.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2021 SmartRetirementReport. All Rights Reserved.