TERANET
security as they evolve . “ We bring Richter back as changes within the business happen , for example , M & A , to make sure our threat risk assessment is updated . It ' s definitely a partnership between Richter and Teranet .”
Zero Trust modelling in cybersecurity Teranet is in the process of moving over to a zero-trust model in terms of its security architecture . This multi-layered solution that prevents and slows down the damage that can be wrought in a major breach has been instrumental in fortifying the company ’ s cyber strategy .
McCulloch uses an analogy to describe exactly how the architecture works . “ So , in terms of a home , you ’ ve got the doors to your house and there are keys to the door .
In a traditional security model , you protect the doors of the home . You lock the doors to ensure no security breach occurs . You use a strong lock and you make sure only certain people have keys to the lock .
She continues , “ Zero trust is different from that model because even if I have a key to the home and I live in the house , it doesn ’ t mean that I have access to every single drawer and cabinet in the house .
“ But , if I live in a room in the house , I also have the key to my room door , and if I share a room with someone else , then I get only the keys to the areas and cupboards that I am allowed access to .
“ We might both have keys to the closet , but I have access to the left drawers and my husband would have keys to the right drawers .
“ It ’ s essentially a multi-layer security architecture . And that means if you have a breach at the front door , it doesn ’ t put the jewels in the closet at risk right away . Hackers will have to work harder to get to it . There are barriers to other controls to get to the more sensitive data .”
ID cybersecurity solutions As well as the zero-trust security architecture , Teranet has adopted and is also developing a number of ID gateways via its access management multi-factor programme .
This means authentication , especially for sensitive data , requires several steps before access is provided .
“ For privileged accounts , authentication to sensitive data , systems and apps should be more than just passwords ,” says McCulloch .
“ The difficulty in today ’ s landscape is that many providers are getting breached and hackers can stealthily steal a database of usernames and passwords which go on sale on the black market . This means the user is not the only person to have access to that account .
technologymagazine . com 301