According to Gartner (News - Alert), only 10% of large enterprises will have a mature and quantifiable zero-trust program in place by 2026, a significant increase from less than 1% today. And yet, though 1% to 10% is praiseworthy, it isn’t nearly sufficient to grant peace of mind for security providers that know how many more enterprises should employ top zero-trust practices, as well.
Garter also reports that more than half of all cyber attacks by 2026 will target areas not covered or mitigated by zero-trust controls. Hence, that gap in peace of mind feels like it could grow wider and wider. Changes must be enacted.
Nebulon knows this well. The company – with its smartInfrastructure that is cyber-resilient for data centers from edge to core – advocates for industry-standard solutions for near-instant ransomware recovery, centralized remote management, and of course zero-trust. Zero-trust infrastructure best practices are essential for both perimeter-level protection and internal processes, especially concerning threats that can erase data or infrastructure configurations.
And so, Nebulon recently unveiled two new zero-trust offerings: Two-Person Commit (TPC) and Single Sign-On (SSO).
Not only do TPC and SSO developments bolster Nebulon’s existing security portfolio, but they open new doors for enterprises in need while shutting doors in the faces of bad actors. (This is in addition to Nebulon’s authentication and authorization tactics, always-on encryption, and rapid 4-minute ransomware recovery capabilities – all of which are crucial for safeguarding distributed edge data center locations.)
Nebulon’s TPC is a security policy with its general roots in military protocol, and already it’s proven to be a valuable addition to IT security controls. Its strong TPC policy shields organizations from unintended or maliciously destructive actions with an extra layer of security for Nebulon-based clusters or cluster groups.
After enabling this TPC security policy, specific operations within the cluster group (e.g. deleting clusters, volumes or snapshots, as well as disabling security policies) must be approved by two separate people within the organization. (It’s sort of like what we see in classic spy films, where two agents must turn a key or a press a button at the same time.)
And not to confuse here but, despite its name – Two-Person Commit – it’s noteworthy that this policy technically* involves three parties:
- The "requestor" who initiates an action.
- The "approver" who greenlights the request.
- *The "arbitrator," a member of the Nebulon customer satisfaction team.
This technical third arbitrator role is mandatory in order to confirm that the requestor and approver are separate individuals, preventing an administrator from creating a fake secondary, i.e. virtual, user account to covertly approve their own solo requests. A solid fallback measure.
And as mentioned, Nebulon has also introduced SSO support, specifically for Microsoft (News - Alert) Azure Active Directory environments. This enables users to securely access Nebulon-based infrastructure using their Azure Active Directory credentials. Nebulon SSO facilitates the mapping of Active Directory groups to other groups in Nebulon's cloud (NebulonON), streamlining user and group identity management.
This SSO authorization capability is significant, as it pumps up perimeter protections by segregating identity management and infrastructure management responsibilities, simplifying username and passphrase management, and (when paired with MFA (News - Alert)) it enhances identity protection.
Siamak Nazari, Nebulon’s CEO, emphasized the importance of comprehensive zero-trust implementation.
Nazari stated, "Numerous vendors on the market tout zero-trust capabilities. However, unless these are implemented at every layer, including down to the server-storage layer, there is no way for an enterprise to be fully protected."
Edited by Greg Tavarez