Deloitte yesterday launched Zero Trust Access, a new managed service the consultancy says provides a cloud-native approach to “securing communications between users, on any device, and enterprise applications, wherever they may reside.”
The Zero Trust concept, the company said in a release, “commits to removing implicit trust within an information technology (IT) ecosystem and replacing it with a risk-based approach to accessing organizational resources across identities, workloads, data, networks and devices.
“This trend is gaining momentum, given legacy approaches to security architecture are no longer suitable to secure the ubiquitous nature of the modern enterprise.”
The service will be available as a standalone, integrated with other Deloitte offerings, or as part of a “broader solution leveraging technologies from Deloitte’s alliance ecosystem.
According to the release, it facilitates Zero Trust adoption and the evolving needs of organizations in protecting their applications, infrastructure, and data.
Andrew Rafla, Deloitte Risk & Financial Advisory’s zero trust offering leader and principal, Deloitte & Touche LLP, said, as “perimeter-based approaches are no longer suitable to secure the modern enterprise, many organizations are working to enhance protection for their IT ecosystems via zero trust.
“Zero Trust Access was built as a turnkey managed service helping ourselves and our clients accelerate adoption of this transformative security framework. Our goal was to create a cost-effective solution that can be delivered standalone or complementary to a broader ecosystem, and ultimately help decrease the burden on IT and security teams who likely need to manage multiple heterogeneous solutions to achieve similar outcomes.”
Deloitte states on its Web site that in this era of “evolving business models, shifting workforce dynamics, cloud adoption, and increased device and connectivity complexity, many organizations are prioritizing the adoption of the Zero Trust security model.
“A Zero Trust strategy for cybersecurity provides the opportunity to create a more robust and resilient posture, simplify security management, improve end-user experience, and enable modern IT practices.”
Data, it added, “lies at the heart of an effective Zero Trust strategy. Organizations need to understand what data they have, where that data is stored, who/what should be able to access that data, and under what conditions.
“It is therefore paramount that enterprise data be discovered, inventoried, governed, classified, and tagged in a manner that can be used to inform access control decisions. Data should also be protected through obfuscation, encryption, and advanced data loss prevention mechanisms at all stages – at rest, in use, and in-transit.”