Rebuild Systems with a Holistic Approach to Security
Whenever a new security risk emerges, the initial response is often to search for a new tool. But Paul Kaspian, a principal product marketing manager at Palo Alto Networks, recommended against this approach.
“That puts you in a situation where you have a disparate set of technologies and tools that may or may not integrate,” Kaspian said at the talk.
As higher education institutions rebuild infrastructure and migrate to the cloud, taking an integrated approach to security is critical. “It gives us an opportunity, as an industry, to go off and retool some of our approaches to security as we’re rebuilding these various facets of our organization across the network, across the data center and across security operations,” he said.
One way to take a holistic approach to cybersecurity is zero trust, a security framework that assumes no user on the network can be trusted.
Although a zero-trust security model may feel daunting to implement, this approach can simplify cybersecurity. “Zero trust actually eliminates a lot of the complexity that we’ve built up over the years as an industry,” Kaspian said.
When done right, zero trust should apply to users as well as applications in cloud infrastructure and unmanaged infrastructure such as Internet of Things technologies.
Keep in mind, a zero-trust approach doesn’t necessarily require universities and colleges to purchase more technologies that would increase complexity. In many cases, third parties can help identify tools that institutions already have in place. “Utilize what you have today. It isn’t necessarily about procuring a new tool or a technology,” Kaspian said.