industry unlocked connections , forcing every call to go through a central gateway – this model should be your aim .
# 4 Control access to core assets
Leverage your security investments to secure your cloud and data centre servers , using Zero Trust segmentation to coordinate traffic authorisations across your estate . This needs to be universal so it ’ s as watertight as possible and servers only accept traffic sent by authorised users . Consider investing in red teaming ethical hacking exercises to check the security of your key assets .
# 5 Incorporate user identification
Limit your exposure to risks by only opening ports in your environment when they ’ re needed . Make user identity the first key to access your systems and
We estimate organisations already have between 60 %– 80 % of the security building blocks that banking and financial services organisations need to adopt a Zero Trust approach . make sure permissions are revoked as soon as the user logs out .
# 6 Build in security-by-design to your projects
Investigate how containerisation can be a springboard for your security DevOps , providing a pre-certified and preconfigured software ‘ container ’ that you can build on to create automation and machine-to-machine application service models . Containerisation is an ideal opportunity to leave waterfall cycles of patching behind , offering instead security that flexes with context .
# 7 Segment , segment , segment
Introduce micro-segmentation to segregate – and protect – your network at a granular workload level . This will give you the real-time visibility you need www . intelligentciso . com
45