One of cybersecurity’s biggest challenges is managing the direct connections to endpoints within a company’s fleet of devices. Zero Trust’s approach to handling this challenge is by granting least-privileged, secure remote access to the user. While this is great, it still doesn’t answer what can be done about the direct connection of the user to the asset.
As we round out our Beyond Zero Trust blog series with today’s post, be sure to read our previous posts on enhancing endpoint security and on strengthening your supply chain as well.
What is a Protocol Break
A protocol break severs the direct connection of the user to your endpoints. It works by acting as a man in the middle between the user and the endpoint. Here an IP session terminates completely at the intermediate system and the data from that session is then transferred to a completely different IP session, usually using a different protocol.
This is an important feature. While Zero Trust addresses controlling connections with least-privileged, secure remote access, severing the direct connection between human and endpoint takes you a step further in protecting your fleet.
What it Means for Your Cybersecurity
With ConsoleWorks, all access is negotiated and brokered through the protocol break it creates. If there is malware or a virus residing on the connected user’s PC, it is looking to spread and hop to the next system. The protocol break sitting between the user and the endpoint prevents this from taking place.
The device that is compromised will be unable to communicate using the protocols ConsoleWorks creates, restricting the compromised PC’s ability to infect other devices it wants to connect to.
There are further benefits beyond the protocol break as well. Because the user logs into ConsoleWorks, he or she won’t know passwords to your endpoints, as they are never directly accessing them. It is ConsoleWorks that is brokering the connection between user and endpoint. This enhances your password security further by veiling the passwords of your fleet of devices from users connecting to them.
Maximizing Your Cybersecurity Maturity
If you didn’t catch our previous series exploring Zero Trust security, we reviewed its three core security principles of least privileged access, never trusting a connection, and assuming a breach. If you are on the path to a mature Zero Trust implementation, these are good reference points, as is our Beyond Zero Trust white paper. It features maturity models, design considerations and more that will help you on your journey toward better security against today’s threats.
In addition, we also have our Password Security Maturity Model and Secure Remote Access Maturity Model, which explore from levels 0-5 what is needed to achieve a truly sophisticated password or SRA implementation.
These resources will help get you started, however you can also talk to us directly here and learn how we can help you enforce your Zero Trust and beyond implementation in your IT or OT environments.
