Zero Trust: What’s Behind the Buzzwords?
Cybersecurity best practices are constantly evolving, and “zero trust” is moving with the times. This popular approach to today’s cybersecurity landscape is shifting defenses from network-based perimeters to users, assets, and resources. Adopted in response to dispersed endpoints, remote users, bring your own device (BYOD) policies, and cloud-based assets, zero trust serves as a valuable guide for MSPs and your SMB clients.
Table of Contents
What Is Zero Trust?
According to the National Institute of Standards and Technology (NIST):
“Zero trust provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised. The goal is to prevent unauthorized access to data and services and make access control enforcement as granular as possible.”
Legacy systems were built on implicit trust – e.g., if you’ve got the keys to the castle, you can probably be trusted within the network. Zero trust recognizes the vulnerability of implicit trust and instead approaches cybersecurity with the assumption that everyone is a suspect. With that assumption, zero trust demands data-centric, fine-grained, and fluid security controls between users, systems, data, and assets that change over time.
While the term was coined in 2010 by Forrester Research Analyst John Kindervag, it became popular after Google announced its implementation of zero trust security within its network. That sparked interest in the term and, eventually, adoption within the tech community. According to The State of Zero Trust Security 2022, 55% of organizations have a zero trust initiative in place, and 97% plan to have one in the coming 12 to 18 months. This is a significant increase from the 2021 survey where only 24% of respondents reported having a zero trust initiative in place.
What Does Zero Trust Mean for MSPs?
As data protectors, MSPs must know what zero trust is, be able to discuss it with customers, and have evidence of how their vendors and solutions are driving a zero trust architecture. Despite the rapid adoption of zero trust as a concept, there is no agreed-upon infrastructure for implementation. Instead of a one-size-fits-all model – which never really works in cybersecurity anyway – there are a variety of roadmaps and guidance models to pull from, including the following:
- Zero Trust Maturity Model from the Cybersecurity and Infrastructure Security Agency (CISA)
- Zero Trust Architecture from the National Institute of Standards and Technology (NIST)
- Embracing a Zero Trust Security Model from the National Security Agency (NSA)
Regardless of how you implement zero trust policies, it’s essential as a solution provider to vet your vendors for a zero trust architecture – especially regarding business continuity and disaster recovery (BCDR). Your BCDR vendor must be open, transparent, and, quite frankly, eager to show you how your data is being protected. Anything less may indicate a legacy infrastructure that could put you and your customers at risk.
How is Axcient Implementing Zero Trust?
We’re thrilled you asked! We love talking cybersecurity. As a 100% MSP-only solution provider, Axcient is dedicated to curing data loss and keeping businesses running. We do it using the secure Axcient cloud, best-in-class features, and supply chain security.
The Axcient Cloud
Axcient data centers have exceeded industry standards for security, integrity, resiliency, availability, and performance for years. Today, tens of thousands of companies worldwide choose to host their data in Axcient data centers for reliable BCDR. Each of our four data centers is designed for ultimate resiliency and is strategically located in disaster-safe regions. Other key features include:
- 99.99999999% reliability in all cases means there’s a 1 out of 10 billion chance of a data loss event occurring.
- < 5 minutes of downtime/year on average.
- Isolated backup and recovery cloud layers deliver fault tolerance and restrict the reach and impact of an incident.
- Enforced compartmentalization of data to limit the scope of unanticipated issues further.
- 24/7/365 monitoring and management of data centers allow for proactive resolutions.
- SSAE 16 Type II Certified or SOC Certified data centers.
>> Download the Axcient Cloud Data Sheet for a complete list of the physical and virtual security measures being implemented for Axcient Cloud security.
AirGap Anti-Data Deletion Technology
Axcient’s AirGap technology is the ultimate last line of defense in a zero trust architecture. When endpoint protection fails and firewall security is compromised – even after a hacker thinks they’ve deleted business-critical data and backup files – AirGap has your back.
AirGap separates data deletion requests from the actual mechanics of data deletion. With AirGap, data can only be deleted after passing through a safety archive that gives MSPs time to verify what’s being deleted and why. Fake signals or “honeypots” are embedded into the technology to trick hackers into believing their attack was successful when in fact, the data is fully intact and available for near-instant recovery.
- Protects every system in the Axcient Cloud starting from the very first backup.
- Fully automatic, always-on, and instantly applied to all data in the Axcient cloud.
- Third-party tested by independent information security management company, FRSecure.
- Multiple validations from authorized individuals are required to both create deletion requests and fulfill deletion requests.
>> Download the Axcient AirGap Technology Overview to learn more about how AirGap supplements a zero trust architecture.
AutoVerify Automatic Backup Verification
As the name implies, Axcient’s AutoVerify feature automatically verifies the integrity of backups, so MSPs don’t have to do this task manually. AutoVerify virtualizes the latest backup recovery point for each protected system and intelligently tests all drives, vaults, and data daily to validate backup snapshots’ recoverability. Furthermore, AutoVerify captures a screenshot of the protected system to give MSPs peace of mind and assurance that backups are safe.
- Fully automatic, always-on, and instantly applied to every system.
- Zero configuration
- Numerous deep volume tests asses bootability, operating system health, data corruption, and file system and application integrity.
- Support alerting and escalation rules warn MSPs about potential issues before they become problems.
>> Download the Axcient AutoVerify Data Sheet to see how AutoVerify supports zero trust while lowering recurring costs.
Software Supply Chain Security
Axcient enforces our own software-specific zero trust model to mitigate the risk of unintended changes to our products from any source, regardless of location. This includes strict internal controls over source code changes, software builds, software deployments, and software agent capabilities. We also conduct regular internal and external penetration testing with third-party experts. For example, in recent SecurityScorecard evaluations, Axcient has maintained consistently high cybersecurity ratings and average industry scores compared to competitors. As of March 2022, our overall security score was 98.
Are You Zero Trust?
We’re here to help! Schedule a 1:1 Demo or Start Your Free 14-Day Trial to learn more about how Axcient can help you optimize your zero trust architecture. Use your commitment to security to reinforce your relationship with existing customers and gain new ones.
>>Visit the Axcient free trial page
About the Author: Carissa Johnson // Product Marketing Manager, Axcient
Carissa Kohn-Johnson has a background in healthcare technology and information technology, and is now the Product Marketing Manager for Axcient. She has a lot of MSP Channel experience from planning and attending hundreds of conferences and tradeshows, and found her passion in IT. Carissa is also an elected official in Cary NC, a town chock full of technology-forward people. Connect with her on LinkedIn – perhaps you can contribute to the Axcient blog?