{"id":5315,"date":"2021-03-09T11:03:08","date_gmt":"2021-03-08T22:03:08","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=5315"},"modified":"2021-03-09T11:03:08","modified_gmt":"2021-03-08T22:03:08","slug":"zero-trust-it-security","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=5315","title":{"rendered":"Zero-Trust IT Security"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; _builder_version=&#8221;4.16&#8243; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_row admin_label=&#8221;row&#8221; _builder_version=&#8221;4.16&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.16&#8243; custom_padding=&#8221;|||&#8221; global_colors_info=&#8221;{}&#8221; custom_padding__hover=&#8221;|||&#8221; theme_builder_area=&#8221;post_content&#8221;][et_pb_text admin_label=&#8221;Text&#8221; _builder_version=&#8221;4.16.1&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; global_colors_info=&#8221;{}&#8221; theme_builder_area=&#8221;post_content&#8221;]<\/p>\n<p>&#8216;Zero-Trust&#8217; is a tough headline. 
Zero-trust in a world where we trust people all the time is an unpleasant concept.<\/p>\n<p>We trust that when we order a package online, that the vendor will take our order and not just our money, that our product will be passed to a courier that we trust will take care of our product and deliver it safely, and we trust that when it is delivered to our door, that no one will take it before we can collect it.<\/p>\n<p>We trust that when we buy our morning coffee, it won\u2019t just taste the best, but that it will be made hygienically, the cups are clean, and the milk is fresh. When we come to work, we trust that other people will obey the traffic laws, so we\u2019ll be safe. If we are being driven, we trust that the driver knows what they are doing, that they are fresh and alert, rather than recovering from a big night the day before.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-full wp-image-5316\" src=\"https:\/\/new.kinetics.co.nz\/wp-content\/uploads\/2021\/03\/ZeroTrustURL.png\" alt=\"\" width=\"463\" height=\"472\" \/><\/p>\n<p>But with our vital IT systems, we KNOW that cyber-criminals are coming at us literally all the time. They are either hand-crafting attacks at us, or using hyper-scale computing to direct sophisticated tools against us.<\/p>\n<p>As an IT services business, we\u2019re spending more and more of our time focused on keeping clients safe. I continue to be amazed by the organisations that don\u2019t think this is important, even as they see increasing numbers of attacks.<\/p>\n<p>As our Chief Technology Officer, Bill Lunam, showed us at an internal exercise the other day, we\u2019re diligent at locking the physical doors, applying deadlocks and turning on the alarm, even though we\u2019ve all seen relatively few of these incidents. 
By contrast, even though we\u2019re seeing and reading about IT security events continually, from phishing and whaling to intercepted emails, many businesses remain reluctant to step up their data protection.<\/p>\n<h2>It\u2019s madness!<\/h2>\n<p>&nbsp;<\/p>\n<p>Forrester Research tell us that we should always be assuming a breach, never trusting anything and always verifying. While we can, and we must, use tools to assist us, the number one risk remains people, and how we behave.<\/p>\n<p>We have to ensure our processes are secure, for example checking emails \u2013 especially financial ones \u2013 are from the person we think, and we warned recently of one stunning local story &#8211; <a href=\"https:\/\/new.kinetics.co.nz\/bank-account-fraud\/\" target=\"_blank\" rel=\"noopener\">https:\/\/new.kinetics.co.nz\/bank-account-fraud\/<\/a><\/p>\n<p>For example, when you access a web URL link, how can you be sure it is genuinely who you think it is, or that the site is not infected with malware? Whether someone has forwarded you the link by email, or through social media, or you\u2019ve found it in an online search, how can you be sure it\u2019s safe?<\/p>\n<p>Tools like the URL curation we include in KARE for Security help you identify potential risks \u2013 ironically, a search on Zero-Trust itself resulted in at least one \u2018dodgy\u2019 site which, as expected, our KARE URL curation software warned us about.<\/p>\n<h2>The Cloud changes security risks<\/h2>\n<p>Before the cloud, we could protect an organisation by focusing on the corporate firewall and scanning emails. Today, things have changed. We are working from anywhere, especially from home in this Covid-world.<\/p>\n<p>The PC we use might be shared by other family members. It might be as likely to be used for your business emails and tools as it is for online ordering and click and collect shopping. 
You are accessing tools from your phone, and both that and your PC might also have your personal email, your social media, a personal file-sharing tool. You might be part of a community organisation that shares work on their own platform.<\/p>\n<p>The idea that we can filter that non-work material out seems impractical to me, so it makes sense that the end-point \u2013 phone or PC \u2013 needs to be our focus.<\/p>\n<ul>\n<li>Check that all the email services you use are \u2018washed\u2019 \u2013 ideally with an ATP tool<\/li>\n<li>Take inventory of the tools you have on your PC &amp; phone and remove the ones you don\u2019t need<\/li>\n<li>Don\u2019t trust social media content (honestly \u2013 this one seems pretty obvious, but that can extend to links on mainstream media sites as well)<\/li>\n<li>Protect the BUSINESS tools by keeping all your work content on secure work platforms only \u2013 don\u2019t share work file content with personal accounts such as Dropbox.<\/li>\n<li>Keep your own devices encrypted (e.g. with KARE for Security)<\/li>\n<\/ul>\n<p>We\u2019re keeping up our commitment to help you minimise your risk with <a href=\"https:\/\/new.kinetics.co.nz\/cybersecurity\/\">KARE for Security<\/a> to add further layers of protection including many of the new Microsoft 365 data protection tools.<\/p>\n<p><strong>Reference :<\/strong><a href=\"https:\/\/www.forrester.com\/report\/A+Practical+Guide+To+A+Zero+Trust+Implementation\/-\/E-RES157736?objectid=RES157736\">A Practical Guide To A Zero Trust Implementation (forrester.com)<\/a><\/p>\n<p>&nbsp;<\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8216;Zero-Trust&#8217; is a tough headline. Zero-trust in a world where we trust people all the time is an unpleasant concept. 
We trust that when we order a package online, that the vendor will take our order and not just our money, that our product will be passed to a courier that we trust will take [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":5317,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"It is a tough heading. Zero-trust in a world where we trust people all the time. We trust that when we order a package online, that the vendor will take our order and not just our money, that our product will be passed to a courier that we trust will take care of our product and deliver it safely, and we trust that when it is delivered to our door, that no one will take it before we can collect it.\n\nWe trust that when we buy our morning coffee, it won\u2019t just taste the best, but that it will be made hygienically, the cups are clean, and the milk is fresh. When we come to work, we trust that other people will obey the traffic laws, so we\u2019ll be safe. If we are being driven, we trust that the driver knows what they are doing, that they are fresh and alert, rather than recovering from a big night the day before.\n\nBut with our vital IT systems, we KNOW that cyber-criminals are coming at us literally all the time. They are either hand-crafting attacks at us, or using hyper-scale computing to direct sophisticated tools against us.\n\nAs an IT services business, we\u2019re spending more and more of our time focussed on keeping clients safe. I continue to be amazed by the organisations that don\u2019t think this is important, even as they see increasing numbers of attacks.\n\nAs our colleague Bill showed us at an internal exercise the other day, we\u2019re diligent at locking the physical doors, applying deadlocks and turning on the alarm, even though we\u2019ve all seen relatively few of these incidents. 
By contrast, even though we\u2019re seeing and reading about IT security events continually, from phishing and whaling to intercepted emails, many businesses remain reluctant to step up their data protection.\n<h2>It\u2019s madness!<\/h2>\nForrester Research tell us that we should always be assuming a breach, never trusting anything and always verifying. While we can, and we must, use tools to assist us, the number one risk remains people, and how we behave.\n\nWe have to ensure our processes are secure, for example checking emails \u2013 especially financial ones \u2013 are from the person we think, and we warned recently of one stunning local story -[wow_colorme] <a href=\"http:\/\/kinetics.co.nz\/bank-account-fraud\" target=\"_blank\" rel=\"noopener\">http:\/\/kinetics.co.nz\/bank-account-fraud<\/a>[\/wow_colorme]\n\nFor example, when you access a web URL link, how can you be sure it is genuinely who you think it is, or that the site is not infected with malware? Whether someone has forwarded you the link by email, or through social media, or you\u2019ve found it in an online search, how can you be sure it\u2019s safe?\n\n<a href=\"http:\/\/kinetics.co.nz\/wp-content\/uploads\/2021\/03\/ZeroTrustURL.png\"><img class=\"alignright size-full wp-image-5316\" src=\"http:\/\/kinetics.co.nz\/wp-content\/uploads\/2021\/03\/ZeroTrustURL.png\" alt=\"\" width=\"463\" height=\"472\" \/><\/a>Tools like the URL curation we include in KARE for Security help you identify potential risks \u2013 ironically, a search on Zero-Trust itself resulted in at least one \u2018dodgy\u2019 site which, as expected, our KARE URL curation software warned us about.\n\nBefore the cloud, we could protect an organisation by focusing on the corporate firewall and scanning emails. Today, things have changed. We are working from anywhere, especially from home in this Covid-world.\n\nThe PC we use might be shared by other family members. 
It might be as likely to be used for your business emails and tools as it is for online ordering and click and collect shopping. You are accessing tools from your phone, and both that and your PC might also have your personal email, your social media, a personal file-sharing tool. You might be part of a community organisation that shares work on their own platform.\n\nThe idea that we can filter that non-work material out seems impractical to me, so it makes sense that the end-point \u2013 phone or PC \u2013 needs to be our focus.\n<ul>\n \t<li>Check that all the email services you use are \u2018washed\u2019 \u2013 ideally with an ATP tool<\/li>\n \t<li>Inventorise the tools you have on your PC &amp; phone and remove the ones you don\u2019t need<\/li>\n \t<li>Don\u2019t trust social media content (honestly \u2013 this one seems pretty obvious, but that can extend to links on mainstream media sites as well)<\/li>\n \t<li>Protect the BUSINESS tools by keeping all your work content on secure work platforms only \u2013 don\u2019t share work file content with personal accounts such as Dropbox.<\/li>\n \t<li>Keep your own devices encrypted (e.g. 
with KARE for Security)<\/li>\n<\/ul>\nWe\u2019re keeping up our commitment to help you minimise your risk with KARE for Security and we\u2019re now stepping that up with a more intense plan called KARE for Security 2 to add further layers of protection including many of the new Microsoft 365 data protection tools.\n\n<strong>Reference :<\/strong>[wow_colorme]\u00a0<a href=\"https:\/\/www.forrester.com\/report\/A+Practical+Guide+To+A+Zero+Trust+Implementation\/-\/E-RES157736?objectid=RES157736\">A Practical Guide To A Zero Trust Implementation (forrester.com)<\/a>[\/wow_colorme]\n\n&nbsp;","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-5315","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/5315","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5315"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/5315\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5315"}],"curies":[{
"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}