Devices And Zero Trust

In a zero trust environment, every device has to earn trust in order to be granted access. When determining whether access should be granted, the security system relies on device metadata, such as what software is running or when the OS was last updated, and checks to see if the device meets that organization’s minimum bar for health. 

Think of it like your temperature: under 100 degrees and you are safe, but go over and you are now medically in fever territory, and you may not be allowed into certain venues.


Zero Trust relies on WHO you are and WHAT you are using to determine access


In this issue of GCP Comics we focus on devices, and how they play into a Zero Trust environment.

Device data can take many forms, and can come from many sources. We recommend collecting multiple types of data from multiple systems and using it to make well-informed decisions on which devices get access to your important systems.

What are some of those data types?

  • Operating system version: to help you limit access for older, unsupported releases
  • Patch date: to find out if there are unpatched vulnerabilities present
  • Last check-in date: to understand how long this machine has been ‘offline’
  • Binaries installed: to see if there’s any known malware or dangerous executables
  • Executables run recently: to see if anything fishy is still running
  • Disk encryption: to see if the device complies with data protection policies
  • Location data: to restrict access to some tools to only specific cities, states, or countries
  • User(s) logged in recently: to see if other people might be sharing this device

And where can you gather the data? There are many sources, including:

  • DNS servers
  • DHCP servers
  • Local agents
  • Mobile device management solutions
  • OS-specific management tools
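A sketch of how signals like these could be merged from several sources and compared against a minimum health bar. This is an added example, not code from the original article or from Google; the field names, thresholds, and sample records are assumptions constructed for illustration. A signal that no source reports is treated as a failure, so a device cannot pass by staying silent.

```python
from datetime import date

# Hypothetical minimum bar for device health; every threshold is an assumption.
POLICY = {
    "min_os_version": (13, 0),
    "max_patch_age_days": 30,
    "max_checkin_age_days": 7,
    "allowed_countries": {"US", "CA"},
    "max_recent_users": 1,
}

def merge_inventory(*sources):
    """Combine records about one device; the first source reporting a field wins."""
    merged = {}
    for record in sources:
        for key, value in record.items():
            if value is not None:
                merged.setdefault(key, value)
    return merged

def evaluate(device, today, policy=POLICY):
    """Return (allowed, reasons). A signal nobody reported fails closed."""
    checks = [
        ("os_version", lambda v: tuple(v) >= policy["min_os_version"], "unsupported OS release"),
        ("patch_date", lambda v: (today - v).days <= policy["max_patch_age_days"], "patches out of date"),
        ("last_checkin", lambda v: (today - v).days <= policy["max_checkin_age_days"], "offline too long"),
        ("disk_encrypted", lambda v: v is True, "disk not encrypted"),
        ("country", lambda v: v in policy["allowed_countries"], "location not permitted"),
        ("recent_users", lambda v: len(set(v)) <= policy["max_recent_users"], "device appears shared"),
    ]
    reasons = []
    for field, passes, message in checks:
        if field not in device:
            reasons.append(f"{field}: no data")
        elif not passes(device[field]):
            reasons.append(message)
    return (not reasons, reasons)

# Constructed sample records: MDM, local agent, and a DHCP-derived location.
TODAY = date(2024, 6, 1)
laptop = merge_inventory(
    {"os_version": (14, 2), "patch_date": date(2024, 5, 20), "disk_encrypted": True},
    {"last_checkin": date(2024, 5, 31), "recent_users": ["alice"], "country": None},
    {"country": "US"},
)
kiosk = merge_inventory(
    {"os_version": (12, 6), "patch_date": date(2024, 2, 1), "disk_encrypted": False},
    {"recent_users": ["bob", "carol"], "country": "US"},
)
```

Calling `evaluate(laptop, TODAY)` allows the device, while `evaluate(kiosk, TODAY)` denies it and lists every failed signal, including the check-in date that no source supplied.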

For more on this topic, check out the following resources:

Want more GCP Comics? Visit gcpcomics.com and be sure to follow us on Twitter at @pvergadia and @maxsaltonstall so you don’t miss the next issue!

By Priyanka Vergadia (Developer Advocate, Google) and Max Saltonstall (Developer Advocate, Cloud)
Source: Google Cloud Blog


