In this Zero Trust Case, a corporate bank found a compromised palm-vein scanner, jeopardizing its security model. Unauthorized access risked undermining the bank’s Zero Trust approach built on identity-based access control.
Zero Trust is a network security model based on the principle of “never trust, always verify”. By acknowledging that threats originate not only outside the organization’s perimeter but also within it, Zero Trust eliminates the component of trust that was once automatically given to internal users and devices. Every user and device, internal or external, must be authenticated and authorized before being granted access to an enterprise’s resources and data.
Micro-Segmentation and Identity-Based Access Control
To implement a Zero Trust Architecture, micro-segmentation splits the network into smaller, more granular parts, each of which requires separate access authorization. In doing so, micro-segmentation controls east-west network traffic, i.e. lateral movement, as a means to reduce the attack surface. The implementation of micro-segmentation is supported by the principle of least privilege, whereby users access only the specific resources required to perform the task at hand. Enforcing the principle of least privilege requires identity-based access control which, naturally, relies on identifying the user and their role. Users are typically identified through multi-factor authentication, which can be done in three different ways:
Users perceive the third authentication method as the most secure since it is the most difficult to compromise. However, in this Zero Trust case, an attacker used a Man-in-the-Middle attack to bypass palm-vein authentication, manipulating the Identity and Access Management system that Zero Trust relies on. As a result, micro-segmentation is ineffective, as the attacker can gain complete access privileges and move laterally throughout the network.
Zero Trust Case: Strengthening Security with Sepio’s HAC-1 Platform for Comprehensive Device Visibility
Sepio’s platform (HAC-1) offers a comprehensive solution to address the lack of device visibility. As the industry leader in Rogue Device Mitigation, Sepio’s solution excels at identifying, detecting, and managing all peripherals, leaving no device unmonitored.
Sepio’s platform utilizes cutting-edge physical layer visibility fingerprinting technology and Machine Learning to create a unique digital fingerprint based on the electrical characteristics of each device. Then, the system compares this fingerprint against a vast threat intelligence database of known vulnerable devices.
By employing this approach, HAC-1 not only detects all managed and unmanaged devices within an enterprise’s infrastructure but also unveils the true identity of these devices. The solution incorporates a comprehensive policy enforcement mechanism that recommends best practices and allows administrators to define granular rules for the system to enforce.
If a device violates the pre-set policy, HAC-1 takes immediate action, initiating a mitigation process that promptly blocks unapproved or Rogue hardware attacks. This ensures that perpetrators cannot bypass micro-segmentation and other Zero Trust security measures. With Sepio’s platform, organizations can enjoy the benefits of Zero Trust Hardware Access, implementing the principle of “never trust, always verify” at the Physical Layer.
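The dependency described above, as an added example (not Sepio's code and not HAC-1's API): a default-deny segment policy keyed on role, evaluated with and without a check that the authenticator hardware itself is verified. The roles, segment names, device IDs and the `decide` function are hypothetical.

```python
from dataclasses import dataclass

# Constructed policy: (role, destination segment) pairs that are allowed.
# Anything not listed is denied (default deny, least privilege).
ALLOWED = {
    ("teller", "core-banking"),
    ("auditor", "audit-logs"),
}

@dataclass(frozen=True)
class AccessRequest:
    user: str
    role: str               # role asserted by the IAM system
    mfa_passed: bool        # result reported by the authenticator
    authenticator_id: str   # device that produced the MFA result
    segment: str            # destination micro-segment

def decide(req, trusted_authenticators, check_hardware=True):
    """Return (allowed, reason) for one request; every request is evaluated."""
    if not req.mfa_passed:
        return False, "mfa-failed"
    # Hardware check: an MFA result is only as trustworthy as the device
    # that produced it, so an unverified authenticator voids the result.
    if check_hardware and req.authenticator_id not in trusted_authenticators:
        return False, "untrusted-authenticator"
    if (req.role, req.segment) not in ALLOWED:
        return False, "no-rule-for-role-and-segment"
    return True, "allowed"

# Constructed sample data (hypothetical device IDs and users).
TRUSTED = {"scanner-lobby-01"}
legit = AccessRequest("alice", "teller", True, "scanner-lobby-01", "core-banking")
lateral = AccessRequest("alice", "teller", True, "scanner-lobby-01", "audit-logs")
# Identity asserted through a scanner whose hardware was not verified.
spoofed = AccessRequest("alice", "teller", True, "scanner-vault-07", "core-banking")

if __name__ == "__main__":
    for name, req in [("legit", legit), ("lateral", lateral), ("spoofed", spoofed)]:
        with_hw = decide(req, TRUSTED)
        without_hw = decide(req, TRUSTED, check_hardware=False)
        print(f"{name}: hardware check on={with_hw} off={without_hw}")
```

With the hardware check off, the `spoofed` request is allowed because the segment rule sees only the role the identity system asserted; with it on, the same request is denied before the segment rule is consulted.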