Cybercrime, and ransomware in particular, is the most significant threat facing organisations today. From critical national infrastructure providers and large corporates to hospitals and small businesses, research suggests that this scourge is the most immediate danger to South African businesses.

It has become such a problem that Microsoft research revealed that ransomware attacks increased by a staggering 150% in 2021. To make matters worse, many businesses are leaving themselves vulnerable because they don’t have the right tools or incident response plans in place.

Trust no one

However, ransomware is a threat that can be countered — and this is where the Zero Trust security model comes into play.

Zero Trust is a security framework that requires all users, regardless of whether they are in or outside the company’s network, to be authenticated, authorised, and continuously validated for security configuration and posture before being permitted, or keeping access to apps and data.

The Zero Trust framework essentially removes the traditional network edge, and covers on-premises networks, ones in the cloud, or a mixture or hybrid networks with resources residing all over. It also covers distributed workforces.

In this way, when all transactions are verified, the principle of least privilege is enforced, and users and devices have access to only what is strictly needed to perform their functions.

Future-proofing ICT infrastructure

There are three basic principles of Zero Trust that enable businesses to future-proof their ICT infrastructure and protect themselves from cyberthreats.

The first is verifying explicitly, which means always authenticating and authorising based on all available data points. These include user identity, location, device health, service or workload, data classification, and anomalies — there are no exceptions.

Next, Zero Trust enforces least privileged access, which limits user access with just-in-time and just-enough access, policies that are risk-based and adaptive, and data protection that not only secures data but productivity, too.

Thirdly, Zero Trust operates on the principle of “assume breach” — a stance that assumes cyberattacks will happen, not that they might happen. This basic shift in mindset transitions defence strategies from the passive to the active, and operates in a manner that limits potential damage by segmenting access.

Understanding the business’s data

While Zero Trust sounds like a true cybersecurity breakthrough, it’s easier said than done, and many organisations do not know where to begin.

The first step, as with most data protection initiatives, is understanding what data the business has, and where it is housed. Entities need to know the level of data sensitivity and potential risks of exposure to establish where Zero Trust should be enforced.

When it comes to cloud-based storage and applications such as e-mail and cloud data storage, mandating a zero-trust environment is the ideal choice, and key to mitigating risks. If this approach is not adopted, company passwords, devices and sensitive data run the inevitable risk of an attack.

Advanced authentication methods

Similarly, a breach becomes practically an inevitability if user authentication methods are compromised. Unauthorised access to a staff member’s PC or other devices shows threat actors the chink in the security armour they need to gain access to the company’s network.

Zero Trust ensures that users are who they claim to be, which is crucial in today’s hybrid and distributed working environments. In addition, employing multifactor authentication is an excellent way to build a more secure environment. Passwords are inadequate weapons in the cybersecurity arsenal and have proved ineffective when it comes to mitigating increasingly sophisticated threats as they are compromised easily and often.

When two-factor authentication is combined with the biometric capabilities that come as standard on many leading devices, such as Windows Hello for Business, it is much more effective at protecting businesses and their networks from attacks, particularly when augmented with a Zero Trust security strategy.

Aligning hardware security and software

In addition, the operating system on its own cannot be relied upon to protect companies from the broad range of tools and techniques bad actors have at their disposal to compromise a network.

Once a malefactor has found their way inside the network, they can deploy malware into device firmware that is extremely difficult to remove. Moreover, they can move laterally, performing reconnaissance, and exfiltrate confidential data and company credentials. Unfortunately, it can take many months to discover that an intruder is lurking on the network, which gives them plenty of time to achieve their goals.

This is why a strong alignment between hardware security and software-based security applications has become crucial. Modern threats call for hardware that is secure at the chip and processor level, and that secures sensitive business data right where it is stored.

There are complete families of vulnerabilities that can be eliminated by having built-in security capabilities starting at the hardware level.

An all-in-one solution

Fortunately, Microsoft has the answer and has built all of these capabilities into its Windows 11 Secured-core PCs.

Furthermore, dramatic performance enhancements can be achieved when compared to deploying similar security capabilities with software on its own. This greatly enhances a system’s overall security posture without having to trade any system performance.