Zero Trust Guidelines for Enterprises
Pönkänen, Pekka (2023)
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The permanent address of this publication is
https://urn.fi/URN:NBN:fi:amk-2023060521583
Abstract
In today’s digital environment, enterprises must always be mindful of potential cyberattacks, a phenomenon that has been increasing yearly due to various factors, including the rapid development of technology and devices. Older IT infrastructure approaches with inadequate user and device management can lead to disastrous outcomes. Enterprises with weak security postures bear risks that include reputational harm, essential data loss, and even business disruption.
This study explored the Zero Trust framework and its device security capabilities to help enterprises mitigate possible cyberattacks, ultimately aiming to create a Zero Trust guideline for enterprises and present practical examples of device security. A constructive research method was selected to address the research questions. The theory was explored by inspecting the definition of Zero Trust and a few known Zero Trust frameworks, conducting a scoping literature review using the PRISMA-ScR framework, and researching selected Zero Trust cornerstones (Network, Identity & Devices).
The key results indicate that Zero Trust is an extensive framework spanning many areas, containing security practices for networks, devices, identity, automation, analytics, and data security. Notably, the framework emphasizes authentication and authorization in every situation. Therefore, enterprises should limit user access and always verify the user, device, or service. Networks should be segmented to prevent lateral movement. Enterprises should use an identity provider to ensure that every access request is authorized and verified. Enterprise devices should be recorded in an inventory that collects information such as operating system update status, security controls, and device ownership. In the implementation chapter, macOS security controls showed that with simple changes, enterprises can protect their devices from various cyberattacks. Ultimately, implementing Zero Trust in an enterprise requires specialized expertise and resources and is a team effort.
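To make the abstract's principles concrete, the following policy check is an added example (not code from the thesis): it evaluates one access request against the three cornerstones named above, with identity verified by the identity provider, device posture read from an inventory that tracks OS updates, security controls and ownership, and network segmentation limiting which segment may reach a resource. The `Device`, `AccessRequest`, `RESOURCE_SEGMENTS` and `MAX_PATCH_AGE_DAYS` names and all inventory records are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date

# Constructed inventory record, mirroring the attributes the thesis says an
# enterprise inventory should track (OS updates, security controls, ownership).
@dataclass(frozen=True)
class Device:
    device_id: str
    owner: str            # user the device is assigned to
    os_patched_on: date   # date of the last applied OS update
    firewall_on: bool
    disk_encrypted: bool

@dataclass(frozen=True)
class AccessRequest:
    user: str
    mfa_verified: bool    # identity provider verified the user with MFA
    device_id: str
    resource: str
    segment: str          # network segment the request originates from

# Hypothetical segmentation policy: each resource lists the segments allowed to reach it.
RESOURCE_SEGMENTS = {
    "hr-db": {"hr-segment"},
    "wiki": {"hr-segment", "eng-segment"},
}
MAX_PATCH_AGE_DAYS = 30   # assumed enterprise patch-freshness requirement

def evaluate(req: AccessRequest, inventory: dict, today: date) -> tuple:
    """Verify identity, device posture and network segment for every request.
    Returns ("allow", []) or ("deny", [reason, ...]); anything unverified is denied."""
    reasons = []
    if not req.mfa_verified:
        reasons.append("identity: user not verified by identity provider")
    dev = inventory.get(req.device_id)
    if dev is None:
        reasons.append("device: not in inventory")
    else:
        if dev.owner != req.user:
            reasons.append("device: owner mismatch")
        if (today - dev.os_patched_on).days > MAX_PATCH_AGE_DAYS:
            reasons.append("device: OS updates stale")
        if not (dev.firewall_on and dev.disk_encrypted):
            reasons.append("device: required security controls disabled")
    if req.segment not in RESOURCE_SEGMENTS.get(req.resource, set()):
        reasons.append("network: segment may not reach resource")
    return ("allow" if not reasons else "deny", reasons)
```

Every denial carries the failed checks, which is what a security team needs for detection and for telling a user why a stale or unmanaged device was refused.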