Header image overlay

Zero Trust, for cyber security an absolute must

'It was all so simple... The Fixkes knew how to frame it well. A company used to quickly have its cybersecurity in place. A firewall, a VPN to work remotely and all software ran on its own servers or on the PC. Simple. But times are changing.

Today, the modern workplace can no longer be defined. We work anywhere, with various cloud platforms such as Microsoft 365, SalesForce... and access company data from multiple devices. Even interactive displays in meeting rooms, smart thermostats, solar panels... Everything comes into contact with the network.

Users and devices are thus constantly inside and outside the company's physical and virtual boundaries. The question then becomes: how do you secure such an environment?

Today, we only work with the Zero Trust strategy

This implies that no device nor user is simply trusted and only strictly necessary access is explicitly granted. With Zero Trust, every activity is scrutinised based on the following core principles:

  • Explicit verificationit repeatedly authorises the user based on various parameters, such as identity, location, network and/or device status (e.g. is all software up to date? is there TPM...).
  • least-privileged access
    rights of users are limited to the minimum data and systems required to perform their tasks.
  • Assume breach
    We always assume that a hack has occurred or will occur. Proactive measures are constantly being taken to mitigate potential damage.

E-Mail Phishing | VanRoey.be An example: via phishing your CFO's password was stolen, and via SIM-Swapping, the two-stage authentication was also bypassed. Normally, the hacker would then be inside. But with Zero Trust, location is also taken into account. Is the 'user' in another country or outside trusted networks? Then access is still barred. A USB dongle can also be provided that must be connected to gain access.

Suppose -in the worst case scenario- that a hacker were still to get in and inject malware into known software, it stings EDR this again immediately. This solution closely monitors every software activity, even that of trusted programmes, and blocks all suspicious activity by default. Never trust, always verify...

Zero Trust in your organisation?

Zero Trust is thus a collection of carefully configured security policies enforced across the organisation: from identity to device, from network to data, from business floor to cloud...

Every company is different, so it is important to tailor this strategy to your needs. For this, you can rely on our security experts. We have already set up hundreds of zero trust environments and apply our broad knowledge from Firewalls to EDR to Microsoft 365.

Profile picture Jente Vandijck | VanRoey.be Want to know more about Zero Trust?

We recently organised a extensive webinar by our Microsoft 365 specialist (softly spoken) Jente Vandijck which you may rewatch for free. It is only 34 minutes long, but tells you almost everything you need to know. 'Ask' via this link.

Also, through a Security audit your environment under the microscope. We are here for you!

vat no.*

"Should a hacker still manage to get in and inject malware into (known) software, EDR again immediately puts a stop to it. It closely monitors every software activity, even that of trusted programmes."

share this post:

How are you doing?
We have never come across a 100% safe environment....
Take a big step forward in your organisation's security with Zero-Trust. In this free webinar, discover the core principles!
Since 18 October, NIS-2 is officially in force! Together with our partners, we are organising a Cybersecurity Workshop on 30/01 to share practical insights and tools that you can apply immediately to protect your organisation and become NIS-2-compliant.