Zero trust is making its way to the vocabulary of companies seeking to improve their online security. And not just small companies; the European Parliament is proposing a universal standard of cyber-hygiene measures for public institutions, which, among others, includes zero trust.
But how do you implement zero trust if you’re a small company and don’t have a cyber security expert on staff?
Skip to the solution here.
Zero trust is a cybersecurity approach that uses strict identity-based user verification to reduce the risk of cyber threats and mitigate their impact. In addition, it increases the agility of IT teams, improves observability, and enables compliance enforcement. Zero trust rests on five pillars:
Learn more about zero trust in this article.
Threat actors have begun to target a wider spectrum of victims, including small businesses and government organizations. Much of the day-to-day work of these entities now takes place online, which makes them viable targets.
Zero trust is helpful to organizations that need to shrink their attack surface, such as:
GoodAccess a 100% cloud-delivered zero trust solution. You don’t need any additional infrastructure; it already incorporates the mechanics of zero trust network access, so all you need to do is set up your access rules via a central management console.
The biggest hurdles that prevent companies from implementing zero trust are cost and complexity of implementation. But both of these are swiftly overcome with GoodAccess. The cloud-delivered zero trust network access solution dovetails with your existing environment, carries no additional engineering overhead, and costs less per month than a trained IT security expert.
You can sign up for free and test all of the solution’s features for two weeks.
Create an account using the link here and verify your email. Creating the account is free and gets you unlimited use of the product for 14 days.
It usually takes us a few hours to approve a free trial, or in rare cases, days.
Once we’ve approved your trial and you have signed into your GoodAccess control panel, you will need to choose a name for your team and connect to a gateway.
We recommend choosing a gateway that is nearest to your geographical location. You get lower latency that way.
In the GoodAccess Control panel, go to the Members section.
Here, click Invite member to send invitation emails to your team members.
If you have a more complex network, you can add devices (such as routers or firewalls) from this interface.
Have your team members download and install the GoodAccess app.
Once it is installed, they need to fill in your Team ID, their username/email and password.
You should see your team members appear in the list in the Control Panel.
First, download and install an authenticator app such as Google Authenticator, Microsoft Authenticator, or Authy on your computer or device.
Then, go to Settings in the GoodAccess Control Panel and switch to the Two-Factor Authentication tab.
Check the checkbox Enable Two-Factor Authentication and click Save Changes.
The same dialog is used for enabling 2FA for every login and setting up a session timeout.
When you and your team try to log in, you should be prompted to complete 2FA.
Scan the generated QR code and then type in your one-time passcode in the box below.
Once you have authorized 2FA, you should see a green pop-up telling you 2FA was successfully activated.
First, you need to add your systems. A system can be an online app (e.g. your CRM or eshop administration) or a server.
For a full guide on access control, check this article.
In the Control Panel go to the Systems section.
Click on Add System in the top-right corner and fill out the dialog.
Finally, click Add System, and your newly connected system should appear on the list.
For a hands-on guide, watch this video.
When you have added all your systems, you need to create access cards. Access cards determine what systems each individual user can access. They will also see shortcuts to their allowed systems in their GoodAccess app.
Go to the Access Control section and click Add Access Card.
Enter the access card’s name and click Add Access Card.
Your access card is now blank. Click Edit in the top-right corner of the card to add members and systems.
For example, if you’ve created a card called “Sales”. In the Members tab, tick all salespeople, and in the Systems tab tick all the systems salespeople need access to.
Confirm your choices by clicking Save.
For a more hands-on guide, check out this video:
GoodAccess can block access to harmful or prohibited websites.
In your Control Panel, go to the Settings section and switch to the Secure Shield tab.
Here you can switch Threat Blocker on and off (it’s on by default). Threat Blocker is a built-in DNS filter that blocks access to harmful websites, such as phishing sites or malware-hosting sites.
Under Custom domain blocking you can block additional websites, such as social media or other productivity sinks.
Click Add Domain and fill out the domain name in the dialog (e.g. facebook.com).
Confirm by clicking the Add domain button.
Note: You can also add your custom domain blacklists. Switching to the DNS Management tab will allow you to upload your custom blacklist by clicking Import CSV in the Custom DNS Filtering section.
To check your access logs, navigate to the Access Logs section in the Control Panel.
From here you can view the access history of your team members, their IP addresses, timestamps of their connections, or the amount of data transmitted.
You can export this data in CSV or PDF by clicking on the corresponding button in the top-right corner.
That is all – you don’t need a degree in IT to build a zero trust environment.
If you need any guidance setting up your zero trust environment, let us know. We’re always happy to help.