Zero trust and IAM build a new security base

Bamboo Cloud advanced architect on November 29th

On November 28, the Bay Area Initiative 2020 Cyber Security Conference, with the theme “New Infrastructure and New Security”, opened at the Shenzhen International Convention and Exhibition Center. Guided by the Ministry of Public Security and the National Cryptography Administration and sponsored by the Shenzhen government, the conference aims to build a cybersecurity event that is based in the Bay Area, serves South China, and reaches the whole country. It gathers domestic and business-world leaders, academicians, experts and others for in-depth discussion of the security problems of cutting-edge technology applications such as 5G, artificial intelligence, cloud computing and big data. Lin Rui, Vice Minister of the Ministry of Public Security, Gao Lin, Deputy Director of the Cyber Security Coordination Bureau of the Cyberspace Administration of China, Liu Ping, Deputy Director of the National Cryptography Administration, Yang Pengfei, Deputy Secretary-General of the Guangdong Provincial Government, and Nie Xinping, Deputy Mayor of the Shenzhen Municipal Government, attended the opening ceremony.

As a leading enterprise in the IAM field, Zhuyun was invited to attend the conference. Dai Liwei, Vice President of Technology at Zhuyun, delivered a keynote speech at the sub-forum on zero-trust security: “Digital Transformation Practice based on Zero-trust and modern IAM”. As a new security concept and strategy, zero trust is the security cornerstone of an organization's digital transformation and sustainable digital competitiveness, and it has been widely adopted by domestic and foreign organizations. Among the conference's many sub-forums, the zero-trust security sub-forum drew considerable attention and was full.

Dai Liwei offered interpretation and shared practice on several topics: the challenges of new infrastructure and digital transformation, changes in identity, how a zero-trust system can rebuild trust for an organization in an untrusted network environment, how zero trust and modern IAM build a new security base, and how IAM, as a core component of zero trust, provides end-to-end security and trusted support.

Challenges of new infrastructure and digital transformation

At present, China is accelerating the deployment of its “new infrastructure” informatization strategy, which is essentially digital information infrastructure that supports the development of traditional industries toward networking, digitalization and intelligence. The sound development and safe rollout of 5G, the industrial Internet, the Internet of Things, artificial intelligence, big data and other industries are bound to be closely tied to connectivity, intelligence, flexibility and security. The in-depth application of emerging technologies brings convenience, efficiency and intelligence to cities, but it also brings network security challenges. New infrastructure covers a wide area, involves many people, has many external connections, and runs many applications. Business continuity, data security and privacy protection, and Internet of Things security are therefore all important challenges for new infrastructure, smart city construction, and the digital transformation of organizations. At the same time, insider threats within organizations are getting worse, and the data leaks are shocking. Security thinking and architecture need to evolve. Traditional boundary-based security protection systems are gradually becoming ineffective and cannot adapt to the rapid growth of organizations and rapid service changes.

Zero trust and modern IAM build a new base for security

Organizations therefore need a zero-trust system to rebuild trust in an untrusted network environment. This requires continuous verification of network infrastructure, data, devices, systems, applications and services. The core of zero-trust security is least privilege. Built on dynamic IAM, the security architecture is centered on digital identity: when an access subject accesses applications, data or services, its own security must be ensured first, and a dynamic access control mechanism, driven by access-environment information and risk-assessment indicators, is used to prevent unauthorized access.

As a core component of zero trust, IAM provides end-to-end security and trust support

IAM technology is used to establish an identity-centered security framework that verifies the authenticity of the digital identity of all users and access devices and dynamically authorizes and controls access behavior. The IAM platform completes identity authentication, grants minimum permissions, and establishes sessions. During access, the behavior of the access subject is continuously evaluated. Once an anomaly is found, the IAM platform dynamically adjusts the access control policy, which can include lowering the access level, requiring secondary authentication, or even cutting off the session.
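
The continuous evaluation described above, shown as an added example (not code from the original article or from any IAM product): each request inside an established session is scored against a per-user baseline, and the score selects one of the responses the text names. The signal names, weights, thresholds and the Baseline and Session types are constructed assumptions.

```python
from dataclasses import dataclass, field

# Responses named in the text, from least to most severe.
ALLOW, LOWER_ACCESS, STEP_UP_AUTH, TERMINATE = (
    "allow", "lower_access", "step_up_auth", "terminate")

# Constructed weights and thresholds: assumptions for this example only.
WEIGHTS = {"off_hours": 20, "new_country": 35, "unknown_device": 30, "sensitive": 15}

@dataclass
class Baseline:  # hypothetical per-user behavior baseline
    hours: range
    countries: set
    devices: set

@dataclass
class Session:
    user: str
    level: int              # 1 = least privileged
    mfa_done: bool = False
    active: bool = True
    audit: list = field(default_factory=list)

def risk_score(event, base):
    """Sum the weights of every signal that deviates from the baseline."""
    signals = {
        "off_hours": event["hour"] not in base.hours,
        "new_country": event["country"] not in base.countries,
        "unknown_device": event["device"] not in base.devices,
        "sensitive": event["sensitive"],
    }
    return sum(WEIGHTS[name] for name, hit in signals.items() if hit)

def evaluate(session, event, base):
    """Re-evaluate one request inside an already established session."""
    if not session.active:
        return TERMINATE                      # a cut session stays cut
    score = risk_score(event, base)
    if score >= 80:
        session.active, action = False, TERMINATE
    elif score >= 50 and not session.mfa_done:
        action = STEP_UP_AUTH                 # caller sets mfa_done on success
    elif score >= 30:
        session.level = max(1, session.level - 1)
        action = LOWER_ACCESS
    else:
        action = ALLOW
    session.audit.append((event["resource"], score, action))
    return action
```

The audit list records the resource, score and decision for every evaluated request, which is what after-the-event risk tracing would read.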

The Zhuyun IAM platform is domestically developed and controllable, and it provides organizations with a unified supply of identity capabilities. Through comprehensive assessment of access information, continuous monitoring of the access environment, automatic risk shutdown and converged authentication capabilities, it achieves centralized management and dynamic control of permissions. Its risk blocking mechanism lets the organization learn of potential access control, identity and permission risks in real time, so that risk is prevented intelligently before the event, blocked during the event, and traced after the event. The engine platform supports behavior analysis and risk assessment to realize risk-based access control. At the same time, using deep learning technology and computational models, it takes user access metadata (time, location, relationship, behavior, habits, account, permission, etc.), proactively collects user behavior data for modeling, forms per-user risk models, and automatically completes the baseline of personal behavior.

Connectivity, security, enablement, compliance

A zero-trust system with IAM at its core can upgrade traditional border protection into a three-dimensional, dynamic security protection system that provides end-to-end security and trusted support for organizations. Both government and enterprises need to pay attention to efficiency, safety and risk prevention as they continue to invest in and develop informatization. Building an IAM platform with high agility, reliability, compatibility and extensibility, one that helps organizations connect efficiently, greatly improve process efficiency, strengthen internal control, and realize intelligent access control and security policies for all people, objects and devices, has become a hard requirement for digital transformation in various fields.