TIM Zero Trust Security

Zero Trust is security beyond the data center

Developments in IT require new concepts for security. Today, companies need to protect not only their central data centers, but also an increasingly heterogeneous IT landscape inside and outside their corporate buildings. Zero Trust is a holistic security concept that aims to protect the company’s internal infrastructure in the long term. The concept is intended to meet different and changing framework conditions so that on-premises, hybrid and cloud activities can all take place securely. To this end, trustworthy areas are defined and the principle of “trust no identity” is always applied.

Zero Trust Security explained

Our security experts have developed videos for the individual building blocks of the Zero Trust concept:

Modern security concepts require a holistic approach

Zero Trust has become necessary because companies have to rethink the issue of security. In the past, it was sufficient to secure the on-premises IT infrastructure, with a central data center and the workstations distributed in the company’s own building, against malware, data loss, unauthorized access, etc. But in the age of the cloud and mobile working, the framework conditions have changed. Now external applications, mobile devices and remote workstations in the home office must also be included in the security concept. A modern security concept must connect these trusted areas in a platform-independent manner and enable automated communication between them.

What is communicated are events and activities, for example accesses to resources such as data, devices or services. All events are recorded centrally and analyzed automatically. The more sources contribute to this data collection, the better modern security solutions can identify security incidents.


How is Zero Trust implemented?

This is where zero trust and identities come into play. An identity can be a user, a device, or even a service. To live up to the zero-trust principle of “trust no identity,” the accesses of all identities must be continuously monitored and analyzed. If the security solution registers a suspicious event, it automatically initiates previously defined measures. As a rule, a request for additional authentication, e.g. via multi-factor authentication, is issued first. If the login fails, access to the resource is denied. If the information from further sources indicates suspicious activities of this identity, it may even be isolated in a further step. The company must then analyze the security incident. If it proves to be harmless, the resource is released again. If not, it must be clarified, among other things, what damage has occurred and what countermeasures must be initiated.
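The escalation sequence described above, sketched as a small policy function. This is an added example, not TIM's code or any product's API; the names `decide`, `analyst_verdict`, `ISOLATE_THRESHOLD` and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

ISOLATE_THRESHOLD = 2  # assumed: number of further sources needed to isolate
AUDIT = []             # stand-in for the central event record

@dataclass
class Identity:
    name: str                                  # user, device or service
    blocked: set = field(default_factory=set)  # resources denied pending analysis
    isolated: bool = False

def decide(identity, event, mfa_ok):
    """Decide one access event; mfa_ok is the outcome of the step-up challenge."""
    if identity.isolated:
        action = "deny:isolated"               # isolation overrides everything
    elif event["resource"] in identity.blocked:
        action = "deny:pending-analysis"       # stays denied until released
    elif not event["suspicious"]:
        action = "allow"
    elif mfa_ok:
        action = "allow:after-mfa"             # additional authentication passed
    else:
        identity.blocked.add(event["resource"])
        action = "deny"
        if event["sources"] >= ISOLATE_THRESHOLD:
            identity.isolated = True           # further sources corroborate
            action = "deny+isolate"
    AUDIT.append((identity.name, event["resource"], action))
    return action

def analyst_verdict(identity, harmless):
    """Incident analysis: release if harmless, otherwise keep containment."""
    if harmless:
        identity.blocked.clear()
        identity.isolated = False
        return "released"
    return "incident"

def run_demo():
    svc = Identity("svc-backup")               # constructed sample identity
    ev = lambda r, s, n: {"resource": r, "suspicious": s, "sources": n}
    steps = [(ev("fileshare", False, 0), True), (ev("fileshare", True, 1), True),
             (ev("fileshare", True, 1), False), (ev("fileshare", False, 0), True),
             (ev("hr-db", True, 3), False), (ev("wiki", False, 0), True)]
    out = [decide(svc, e, ok) for e, ok in steps]
    out.append(analyst_verdict(svc, harmless=True))
    out.append(decide(svc, ev("fileshare", False, 0), True))
    return out

if __name__ == "__main__":
    print(run_demo())
```

Note that a denied resource stays denied even for later unsuspicious requests, and only the analyst verdict lifts the block or the isolation.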

 

The five modules of Zero Trust

[Diagram: the five modules User Trust, Device Trust, Network Trust, Application Trust and Data Trust, shown with the labels Orchestration, Visibility, Analysis and Automation]

USER TRUST

Identity Access Management (IAM) is responsible for controlling user trust. It manages user identities, provides authentication procedures, and decides whether a user is granted the desired access based on current events.

Solution approaches
Password-free authentication
Multi-factor authentication
Access restriction
Dynamic risk assessment […]

DEVICE TRUST

With device trust, a unified endpoint management system manages the devices in the enterprise. It ensures that the devices used are under the control of administrators or, in the case of BYOD hardware, that corporate data is located in a segregated, encrypted area.

 

Solution approaches
Authentication
Inventory
Management
Compliance […]

NETWORK TRUST

Network trust requires segmenting the network, with the path of each access additionally restricted, for example by location, router and port.

Solution approaches
Microsegmentation
Transport encryption
Session protection […]

APPLICATION TRUST

To ensure application trust for a web or cloud app, for example, the application exchanges access rights with the IAM during authentication and checks the identity risk assessment.

 

Solution approaches
Device-independent access
Single-sign-on
Adaptive access
Isolation […]

DATA TRUST

Data trust is all about data security. This module includes ensuring effective backup concepts in the data center as well as on the end devices. In addition, there is the analysis and control of data movements and processing, both within the company and in contact with outsiders.

 

Solution approaches
Integrity
Privacy
Classification […]

Would you like to learn more about TIM Zero Trust Security?
We will be glad to advise you!

Oliver Sehy

Managing Consultant | Security

Tel.: 0611 2709-758
E-Mail: OliverSe@tim.de

Philip Baumann

Consultant | Security

Tel.: 0611 2709-634
E-Mail: PhilipB@tim.de

Helmut Schmitz

Business Dev. Manager | Security

Tel.: 0611 2709-612
E-Mail: HelmutS@tim.de
