For those who are responsible for the management of a company’s IT infrastructure, it is quite clear that the moat technique, i.e. the old idea of building a moat around a castle to keep intruders at bay, is no longer relevant. This is not only inefficient but also hardly feasible given the number and diversity of entry points into the IS of any company with a reasonable size today.
Indeed, the risks and threats to the information assets of companies and healthcare institutions come as much from the organization’s staff and collaborators as from external enemies. Therefore, focusing on defending the network perimeter gives a partial view of the threat and does not provide a global view of the risks.
In other words, checking the identity of the person or object (machine, IoT) before receiving the authorization to access an IT resource of the company is no longer sufficient. On the one hand, because the delimitation of the perimeter to be protected has become vague and imprecise. On the other hand, because the usurpation of the identity of a legitimate user allows an attacker to pass the castle drawbridge without obstruction and move through the network without being detected as hostile.
For example, the fact that there is no demarcation line between the “inside” and “outside” of the company is particularly sensitive with the ubiquity of “Cloud” services [i], whether public, private or hybrid. In such conditions, how and who can you trust? It is certain that the initial authentication of any partner (human or IT) of a company who wishes to access sensitive resources of the company must be of high quality, i.e. multi-factorial or strong cryptography.
One of the keys to trying to solve the problem is to trust no one a priori. Even if authenticated once trustworthy, it is necessary to continuously measure the degree of trust assigned to any IS user, as mentioned in a previous article . This dynamic index is constantly compared to adaptive alert thresholds. They depend both on the criticality of the actions to be carried out and on the context in which these actions are carried out (the degree of requirements to carry out a given operation from a fixed workstation or a mobile phone).
The complexity of running a company’s infrastructure today means that it is often not humanly possible to fully review all the alerts triggered by a system. Machines must help to analyze this data and this is where artificial intelligence (AI) comes in, to constantly look for unusual behavior after “learning” what is usual and normal in the network. In this way, filtering events is faster, more comprehensive and, ideally, should produce fewer false positives.
Finally, there is another way to improve the security level of the infrastructure and move away from the fortified castles model, which will eventually become like sand castles. It is a question of reversing roles: rather than having an entry point that publishes resources and increases the attack surface of the IS, it is more secure and robust to set up a reception service whose role is to mediate between users and the company’s resources.
Deployed in a demilitarized zone (DMZ), this mediation server is responsible for verifying the identity of requesters and, in the event of successful authentication, contacting a gateway allowing access to the company’s shared resources.
Thanks to this architecture, the IS attack surface is reduced to the strict minimum via the mediation server and there is no connection to the company IS but only from it. Shared resources can therefore not be seen by potential attackers.
Systancia Gate, formerly IPdiva Secure, the ZTNA (Zero Trust Network Access) solution from Systancia, uses this architecture to guarantee a selective access “on demand” to internal resources of the company, anywhere, for any type of system, to any type of user, internal or external, while ensuring the same security level.
[i] Many companies have servers connected to their networks that they are not even aware of.
Frédéric PIERRE – Scientific Director
 Continuous authentication in Cyberia