Provides design guidance for securing users, applications, and infrastructure by using the Palo Alto Networks Zero Trust Enterprise approach to eliminate implicit trust and continuously validate every stage of a digital interaction.
Technologies covered: Prisma Access, Prisma SD-WAN, Prisma Cloud, Cortex XDR, Cloud Identity Engine, Next-generation Firewalls
Identity and Access Management (IAM), or simply identity management, refers to a service or platform that identifies individuals and controls their access to system resources through user rights and restrictions. Identity management is important for security and increases the productivity of users by implementing a central directory: users don’t need to remember and keep track of several different usernames and passwords. IAM also helps protect companies and their users from data breaches. In 2015, the average total cost of a data breach was $3.8 million¹. Identity management can offer protection against these types of threats with security features like multifactor authentication breached password protection, anomaly detection, and more. Identity management solutions provide benefits for all types of businesses. IAM can also provide distinctly and specialized features to serve B2B, B2C, and B2E use cases. • B2B: A business provides federated identity management to another business, such as Trello allowing another business to log into Trello with their enterprise credentials. • B2C: A business provides social authentication to consumers through Facebook, Google, or other social media identity providers. • B2E: A business provides single sign-on to its own employees. Download Now
The idea of identity as the new perimeter for cybersecurity has been part of the conversation for acouple of years. The truth is that identity has always been a perimeter. Historically, cybersecurity experts did not apply multiple security controls like firewalls or encryption tothe identity perimeter because we could protect it by adding additional layers of security to our outerdefenses. We didn’t need to protect identity at its source because we could safely rely on our outerdefenses, like a castle reliant on its moat. Now, however, we can no longer depend on those outer defenses. Because identity is disseminatedacross so many platforms, devices, and applications, the identity perimeter is exposed, and we need newand better ways to protect it. Traditional perimeter protections are simply inadequate to defend identityagainst today’s increasingly sophisticated and effective attacks. Ongoing digital transformation has created a convergence of users, devices, and applications thatdemands an identity-based security approach. To meet the security challenges of this new ecosystem,companies are developing new ways to authenticate identity and authorize users accordingly. In thissense, identity is the gatekeeper, determining who gets what kind of access based on what data. In this guide, you’ll learn more about the relationship between identity and perimeter security, themethods used to attack identity, and new tactics and strategies for securing identity. Download Now
Domain Name System (DNS), often referred to as the “phonebook of the internet,” is an important protocol for the overall functioning of the internet, translating domain names into IP addresses and vice-versa. DNS, though, is an inherently insecure protocol and is vulnerable to a variety of cyberattacks that can disrupt network and service availability and violate confidentiality of users and their data. This poses a challenge for the teams responsible for ensuring uninterrupted DNS service and maintaining user privacy. Download this white paper to learn about some of the common security challenges associated with DNS and the best practices that can be used to mitigate or overcome these risks. In this white paper you’ll learn about: • The importance of securing a DNS infrastructure • The common types of DNS attacks • Limitations to traditional approaches to securing DNS • Solutions for countering DNS attacks Download Now
