Devices and zero trust

In a zero trust environment, every device has to earn trust in order to be granted access. When determining whether access should be granted, the security system relies on device metadata, such as what software is running or when the OS was last updated, and checks to see if the device meets that organization’s minimum bar for health. Think of it like your temperature: under 100 degrees and you are safe, but go over and you are now medically in fever territory, and you may not be allowed into certain venues.

Zero Trust relies on WHO you are and WHAT you are using to determine access

In this issue of GCP Comics we focus on devices, and how they play into a Zero Trust environment.

Device data can take many forms, and can come from many sources. We recommend collecting multiple types of data from multiple systems and using it to make well-informed decisions on which devices get access to your important systems.

What are some of those data types?

- Operating system version: to help you limit access for older, unsupported releases
- Patch date: to find out if there are unpatched vulnerabilities present
- Last check-in date: to understand how long this machine has been ‘offline’
- Binaries installed: to see if there’s any known malware or dangerous executables
- Executables run recently: to see if anything fishy is still running
- Disk encryption: to see if the device complies with data protection policies
- Location data: to restrict access to some tools to only specific cities, states, or countries
- User(s) logged in recently: to see if other people might be sharing this device

And where can you gather the data? There are many sources, including:

- DNS servers
- DHCP servers
- Local agents
- Mobile device management solutions
- OS-specific management tools

For more on this topic, check out the following resources:

- OSQuery – Open source endpoint visibility
- Endpoint Verification – Google Cloud inventory management
- BeyondCorp: Building a Healthy Fleet
- BeyondCorp: Design to Deployment at Google

Want more GCP Comics? Visit gcpcomics.com and be sure to follow us on Twitter at @pvergadia and @maxsaltonstall so you don’t miss the next issue!
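The "minimum bar for health" check described above, as an added example that is not part of the original post: a small Python evaluator that compares one device's collected metadata against a policy and reports which checks failed. The `POLICY` thresholds, the `Device` fields and the sample records are all assumptions constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date, timedelta

# Hypothetical minimum bar: every threshold below is an assumption, not from the post.
POLICY = {
    "min_os_version": (14, 0),             # older releases count as unsupported
    "max_patch_age": timedelta(days=30),
    "max_checkin_age": timedelta(days=14),
    "allowed_countries": {"US", "CA"},
    "blocked_binaries": {"example-bad-tool"},  # constructed name, not a real indicator
    "max_recent_users": 1,
}

@dataclass
class Device:
    os_version: tuple | None = None
    patch_date: date | None = None
    last_checkin: date | None = None
    disk_encrypted: bool | None = None
    country: str | None = None
    binaries: frozenset = frozenset()
    recent_users: frozenset = frozenset()

def evaluate(dev: Device, today: date, policy: dict = POLICY):
    """Return (allowed, failed_checks). Missing metadata fails closed."""
    failed = []
    if dev.os_version is None or dev.os_version < policy["min_os_version"]:
        failed.append("os_version")
    if dev.patch_date is None or today - dev.patch_date > policy["max_patch_age"]:
        failed.append("patch_date")
    if dev.last_checkin is None or today - dev.last_checkin > policy["max_checkin_age"]:
        failed.append("last_checkin")
    if dev.disk_encrypted is not True:
        failed.append("disk_encryption")
    if dev.country not in policy["allowed_countries"]:
        failed.append("location")
    if dev.binaries & policy["blocked_binaries"]:
        failed.append("binaries")
    if len(dev.recent_users) > policy["max_recent_users"]:
        failed.append("shared_device")
    return (not failed, failed)

# Constructed sample inventory records.
TODAY = date(2024, 6, 1)
HEALTHY = Device((14, 5), date(2024, 5, 20), date(2024, 5, 31), True, "US",
                 frozenset({"editor"}), frozenset({"alice"}))
STALE = Device((13, 2), date(2024, 1, 10), date(2024, 4, 1), True, "US",
               frozenset({"editor"}), frozenset({"alice", "bob"}))
UNKNOWN = Device()  # no agent has reported yet
```

Returning the list of failed checks, rather than a bare allow or deny, gives the help desk and the user something actionable, and treating absent metadata as a failure keeps an unmanaged device from passing by default.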
Source: Google Cloud Platform
