{"id":5563,"date":"2020-02-18T21:26:07","date_gmt":"2020-02-18T21:26:07","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5563"},"modified":"2021-04-06T21:29:07","modified_gmt":"2021-04-06T20:29:07","slug":"how-zero-trust-models-apply-msps","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps","title":{"rendered":"How Zero Trust Models Apply to MSPs"},"content":{"rendered":"<p>Information technology enables businesses to grow rapidly and accomplish their goals. As a result, IT professionals should balance enablement and productivity with security.<\/p>\n<p>This balance led to the development of perimeter-based security and defenses. If something was located on a corporate network, it was assumed to be trusted (for the most part). For decades, this was an acceptable level of risk for businesses. It made sense that if someone was in the building and using a corporate-owned device, they were likely a safe actor.<\/p>\n<p>However, as business goals changed, security needed to change with it. The rise of personal mobile devices, growing investments in cloud services (and the sheer number of them proliferating), and the increasing number of ways hackers can compromise a business has shown a weakness for perimeter-based security. In short, the goalposts for security and technical enablement have moved.<\/p>\n<p>In place of this old castle-and-moat style of security came the zero-trust model. Zero-trust models assume that devices and users cannot be trusted until proven. Essentially, it treats all users and devices as though they were coming from the internet (and therefore may not be entirely safe). To top it off, you\u2019ll have to shift your thinking from the perimeter to the application level. Today, we\u2019ll talk about how to apply this model as an MSP.<\/p>\n<h3><b>The Components of Zero-Trust<\/b><\/h3>\n<p>Initially, customers may balk at the idea of putting up hurdles against their productivity. However, these hurdles don\u2019t need to be extreme and can often provide more flexibility for the customers. One of the first steps involves matching authentication levels to the risk presented by an application. You should always turn on MFA for your personal banking applications and should do the same for sensitive business applications. You should understand what applications are in use, which present the most risk, and who should have access. This is where the complexity comes into place.<\/p>\n<p>While zero-trust models were developed for enterprise networks and can get extremely complex\u2014requiring multiple tools acting in concert\u2014you don\u2019t need to have all the tools in place to make a major difference in reducing risk at customer sites.<\/p>\n<p>Here are some important rules to keep in mind:<\/p>\n<ul>\n<li><b>Network segmentation<\/b><br \/>\nIt\u2019s common for SMBs to have only one network for everything. However, this can open those businesses to considerable risks. If someone compromises that one network, they could damage productivity, spread malware across the network, steal proprietary information or data and resell it, or simply sit on the network gathering information for a larger attack. When you work with clients, try to segment their networks into multiple zones. At a minimum, try to set up a corporate network with higher security standards and a guest network for people visiting the office or for employees\u2019 mobile devices. This way if someone brings a device that\u2019s not completely secure, they won\u2019t risk exposing the main internal network to security threats. You can also add additional network segments to help protect them with a next-generation firewall to prevent lateral movement within an organization.<\/li>\n<li><b>Identity and access management<\/b><br \/>\nTo help keep systems safe, you should maintain strong practices around managing user access. Adhere as best you can to the principle of least privilege\u2014keep all information and system access on a need-to-use, need-to-know basis. Additionally, you should have strong onboarding and offboarding practices. When employees leave, shut their accounts down immediately and collect all equipment. Periodically audit user access levels and accounts as well. If someone changes departments, for example, you don\u2019t want them maintaining access to old systems. Minimizing privileges like this allows you to minimize damage in the event of an insider attack or if an external threat actor hijacks someone\u2019s account.<\/li>\n<li><b>Verification<\/b><br \/>\nMultifactor authentication (MFA) is an absolute must. You should verify accounts from several sources to help ensure that access request come from a truly trusted source. This includes access to even offsite, cloud applications. For some particularly critical users or risky assets, you may want to increase the number of hoops they have to jump through to gain access. For example, they may need to use MFA and use an encrypted VPN when outside of the building to gain key access\u2014and they may need additional monitoring on their accounts.<\/li>\n<li><b>Monitoring<\/b><br \/>\nOnce a device or user has been given the green light, you still should remain a little suspicious. In other words, you should have good monitoring in place to make sure authenticated users don\u2019t start performing destructive actions like copying large numbers of files to a device (indicating potential data theft) or deleting data in bulk. A good security information and event management (SIEM) tool can help you monitor for potential network threats. However, if this is out of your comfort zone, then (at a minimum) try setting up checks for common threats or suspicious behavior in your remote monitoring and management tool. Additionally, a good endpoint protection solution can help round out your capabilities without requiring a ton of in-depth security knowledge. An AI-driven solution can help monitor for suspicious behavior at the endpoint level and alert you when something comes up.<\/li>\n<\/ul>\n<h3><b>Trust Must Be Earned<\/b><\/h3>\n<p>Businesses face threats from more angles than ever before. As businesses continue embracing hybrid IT, MSPs need to be more vigilant than ever in protecting their customers from attack at multiple angles. This means you\u2019ll need to design your network and services to remain suspicious of requests before granting access.<\/p>\n<p>&nbsp;<\/p>\n<p><b>When it comes to enacting zero-trust security, access management is paramount. A robust password management solution can play a major role in policing access. SolarWinds<sup>\u00ae<\/sup>\u00a0Passportal helps you control access to services among your MSP team by allowing you to quickly grant and revoke access to services and accounts as needed, all while allowing technicians to create strong passwords and giving them one-click access to services. Additionally, SolarWinds Passportal Site<sup>\u2122<\/sup>\u00a0allows you to sell password-management-as-a-service to your customers so they can also maintain strong security internally. Learn more by\u00a0<\/b><a class=\"ext\" href=\"https:\/\/www.passportalmsp.com\/?promo=blog\" target=\"_blank\" rel=\"noopener noreferrer\"><b>visiting the site<\/b><\/a><b>\u00a0today.\u00a0<\/b><\/p>\n<p>&nbsp;<\/p>\n<p><em>Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology,\u00a0including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim\u2019s experience has made him an in-demand expert on cybersecurity, and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Information technology enables businesses to grow rapidly and accomplish their goals. As a result, IT professionals should balance enablement and productivity with security. This balance led to the development of&#8230;<\/p>\n","protected":false},"author":43,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5563","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>How Zero Trust Models Apply to MSPs - N-able<\/title>\n<meta name=\"description\" content=\"With the rise of personal devices and cloud services, the old perimeter-based approach to security can no longer be relied upon. Tim Brown looks at how MSPs should change the way they view security.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How Zero Trust Models Apply to MSPs - N-able\" \/>\n<meta property=\"og:description\" content=\"With the rise of personal devices and cloud services, the old perimeter-based approach to security can no longer be relied upon. Tim Brown looks at how MSPs should change the way they view security.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-18T21:26:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-06T20:29:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tim Brown\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tim Brown\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps\"},\"author\":{\"name\":\"Tim Brown\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8\"},\"headline\":\"How Zero Trust Models Apply to MSPs\",\"datePublished\":\"2020-02-18T21:26:07+00:00\",\"dateModified\":\"2021-04-06T20:29:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps\"},\"wordCount\":1116,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps\",\"url\":\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps\",\"name\":\"How Zero Trust Models Apply to MSPs - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr#website\"},\"datePublished\":\"2020-02-18T21:26:07+00:00\",\"dateModified\":\"2021-04-06T20:29:07+00:00\",\"description\":\"With the rise of personal devices and cloud services, the old perimeter-based approach to security can no longer be relied upon. Tim Brown looks at how MSPs should change the way they view security.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/fr\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How Zero Trust Models Apply to MSPs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/fr#website\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/fr?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/fr#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8\",\"name\":\"Tim Brown\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g\",\"caption\":\"Tim Brown\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How Zero Trust Models Apply to MSPs - N-able","description":"With the rise of personal devices and cloud services, the old perimeter-based approach to security can no longer be relied upon. Tim Brown looks at how MSPs should change the way they view security.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps","og_locale":"fr_FR","og_type":"article","og_title":"How Zero Trust Models Apply to MSPs - N-able","og_description":"With the rise of personal devices and cloud services, the old perimeter-based approach to security can no longer be relied upon. Tim Brown looks at how MSPs should change the way they view security.","og_url":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-02-18T21:26:07+00:00","article_modified_time":"2021-04-06T20:29:07+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Tim Brown","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"\u00c9crit par":"Tim Brown","Dur\u00e9e de lecture estim\u00e9e":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps"},"author":{"name":"Tim Brown","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8"},"headline":"How Zero Trust Models Apply to MSPs","datePublished":"2020-02-18T21:26:07+00:00","dateModified":"2021-04-06T20:29:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps"},"wordCount":1116,"publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"articleSection":["Security"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps","url":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps","name":"How Zero Trust Models Apply to MSPs - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr#website"},"datePublished":"2020-02-18T21:26:07+00:00","dateModified":"2021-04-06T20:29:07+00:00","description":"With the rise of personal devices and cloud services, the old perimeter-based approach to security can no longer be relied upon. Tim Brown looks at how MSPs should change the way they view security.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/fr\/blog\/how-zero-trust-models-apply-msps#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/fr\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"How Zero Trust Models Apply to MSPs"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/fr#website","url":"https:\/\/www.n-able.com\/fr","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/fr?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/fr#organization","name":"N-able","url":"https:\/\/www.n-able.com\/fr","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/65b11c76d7eceabc6a98f67feafee6e8","name":"Tim Brown","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/12fd73820610a5263c4429c2a99094e0c2e82401bbe39bf42457e891670b6566?s=96&d=mm&r=g","caption":"Tim Brown"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/5563","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/comments?post=5563"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/5563\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/media?parent=5563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}