A Blueprint For Building Zero-Trust Collaboration
We all need to be able to collaborate as easily as possible – leveraging the latest available technology – but this cannot come at the expense of security. Bad actors are constantly looking for ways into organisations that have seen their digital dependency accelerate significantly over the last few months. Various studies bear this out – hackers attack every 39 seconds, leading to predictions that cybercrime will cost the world $6 trillion by 2021.
How, then, do enterprises achieve that balance of ease of use with the highest levels of security? By taking a zero-trust approach, whereby users’ identity, networks and devices are not trusted by default, whether they’re on the corporate networks or outside.
At Adeya, we’ve been helping customers develop zero-trust security models for years, and we’ve established a number of fundamental steps to follow within a modern workplace. Consider these points the key building blocks or blueprint of any zero-trust collaboration approach.
- Controlled Identity
System administration only enrols a closed group of clearly identified users, keeping contacts private and metadata unexposed. Identification comes through proprietary key management and encrypted key distribution protocol, tying each user to a unique identifier. Not only does this ensure only those with access can get into an app or system, but it makes identifying their activity easier as well, in case of internal threats or breaches.
- Military-Grade Encryption Through Any Network
What sort of encryption? End-to-end, via military-grade cryptographic algorithms. Adeya’s use AES-256, which keeps communications confidential. That comes with multi-factor authentication, organization-wide password policies, and intuitive user experience. All encompassed by truly end-to-end encryption, covering data in transit and at rest, with no gaps, no matter how small.
- Devices Access
Users might pose the threats, but devices are their way into an organisation. With controlled device access, enrolled tablets, phones and PCs can be placed under enterprise-wide security policies using two-factor based authentication. This limits the spread of devices providing open windows into corporate networks by ensuring security without restricting the type of devices employees can use, and can also be compatible with Unified Endpoint Management tools.
- Hosting Data
Where you host your applications, and by extension your data, has a dramatic impact on how secure you are. Whatever the hosting choice, data is not retained on the provider’s server, something we put front and centre. On top of that, encryption should come as standard.
Yet the nature of modern enterprises and their organic mix of legacy and cloud-native applications means that multi-cloud deployments are becoming the standard, so having the option of on-premise, private or public cloud is critical. However, to maintain security that cloud should be private, and should be dependent on the data classification and company policy. Alternatively, we offer a Swiss cloud option, governed by the regulations outlined above.
- Application security and in Control
First, the application’s code is hardened, protecting from reverse engineering and hacking. Then, a system administration console ensures application configuration permissions, controlled access and monitors performance. As an additional feature, experience has shown that the ability to customise the brand application with the corporate look and feel actually increases employee adoption, so having that option through a white label solution can help contribute towards preventing shadow IT.
- Comply with Data Classification
With data regulation at an all-time high, enterprises need to continually make sure that they are complying with all relevant laws, whether the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or Brazil’s General Data Protection Law (LGDP). The best way to do that is to categorise data according to organisational policies, sensitivity and regulation requirements, and then encrypt and restrict access accordingly.
- Employee Privacy Protection
People might be an organisation’s biggest asset; they can also be the biggest source of cyber threats, no matter how unwitting. That’s why it’s vital that they are protected at all times, and their use of unsecured, consumer-grade apps as restricted as possible. Here’s where ease-of-use comes in. Having a service which provides everything they need in one app is a great way forward. With Adeya, employees get secure collaboration on any device type and operating system, with end-to-end encryption, one-to-one and multi-user audio/video calls, messaging and file sharing in a single app.
- Swiss Data Privacy
As a Swiss company, it’s hardly surprising that we would promote Swiss neutrality and data protection law as a critical way to ensuring the highest privacy. On top of that, Adeya’s legal structure and unique anti-big data ethos, which rejects data-sharing arrangements and promotes data sovereignty, puts client data privacy control first.
Establishing a zero-trust collaboration model needs to happen if enterprises are to stay secure, stay operational and stay afloat during these disrupted times. To find out how Adeya can help, get in touch today.