The evolution of security to Zero Trust

Bilal Mujahid
Head of Information Security, iManage
Bilal is responsible for all aspects of information security, including the Zero Trust security architecture.
14 May 2019

A government signals intelligence agency, with the largest cyber security budget in the world, lost a treasure trove of sensitive tools and methods.

This led directly to malware infecting a very large global law firm with a large security staff of its own, causing a yet unreconciled amount of data loss. At around the same time, a large financial credit monitoring and records firm lost an entire country’s worth of PII, despite having sophisticated monitoring equipment and a large security team to prevent this kind of leakage.

Investigators point to specific causes: malicious insiders, infected tax software, misconfiguration of an intrusion detection system. Yet all of these events relied on exploiting the implicit trust built into legacy infrastructures and applications.

What is Zero Trust?

Zero Trust challenges the idea of implied trust in any form, instead requiring all connectivity to be explicitly authorized, without any direct paths between servers and the production network, the internet or users.​

It removes the ability of infrastructure administrators and application engineers to impact the security of a system on their own.

Zero Trust architecture is quickly gaining adoption among sophisticated firms around the globe wanting to invest in best-of-breed security. Firms accelerating their transition to the cloud are in the most ideal position to take advantage this, to get the Zero Trust benefits of predictable, consistent and reliable security.

Why is This Important?

The bottom line is this: with today’s complex and constantly evolving cyber threats, the most effective way to minimize threats to your data is to eliminate any notions of built-in trust. The most cost-efficient way in which firms of all sizes can enjoy the benefits of a modern security framework is through a cloud software provider with experience in secure, Zero Trust architecture.

In an era when cyber criminals and other bad actors are exploiting every technology loophole and potential human vulnerability, firms can’t afford to take chances with their client’s sensitive information getting into the wrong hands.

Learn More About Zero Trust

More information on zero trust security can be viewed in our new whitepaper, Security Primer: Why Zero Trust Trumps Traditional Security. It also details real-world scenarios on what happens during a traditional security breach vs what happens during a zero trust attempted security breach.

iManage is here to help bring this important topic to light so business professionals can focus on doing what they do best. For more information, contact us.

Discover Zero Trust

Zero Trust is a modern security framework built for today's work environment and the threats it poses. Whether your users are working on premises or off, on local networks or remote, Zero Trust and Zero Touch can protect your valuable data. This white paper describes the concept of Zero Trust and how it is implemented across the iManage platform.