- OverviewPress tab for submenu items
TCS is here to make a difference through technology.
Leading the way in innovation for over 55 years, we build greater futures for businesses across multiple industries and 55 countries.
-
Industries
-
Services
-
Products and Platforms
-
Research & Innovation
Overview
Industries
expand here
Services
expand here
Products and Platforms
expand here
Research & Innovation
expand here
- OverviewPress tab for submenu items
We’re in it for good, driving positive change for the benefit of all.
Our expert, committed team put our shared beliefs into action – every day. Together, we combine innovation and collective knowledge to create the extraordinary.
-
About Us
-
Leadership
-
Events
- OverviewPress tab for submenu items
Extraordinary expertise leads to remarkable results.
We share news, insights, analysis and research – tailored to your unique interests – to help you deepen your knowledge and impact.
-
Customer Stories
-
Perspectives
-
Global studies
-
Topics
- OverviewPress tab for submenu items
Want to be a global change-maker? Join our team.
At TCS, we believe exceptional work begins with hiring, celebrating and nurturing the best people — from all walks of life.
-
India
-
Americas
-
Asia Pacific
-
Europe and UK
-
Middle East and Africa
Overview
India
expand here
Americas
expand here
Asia Pacific
expand here
Europe and UK
expand here
Middle East and Africa
expand here
- OverviewPress tab for submenu items
Find the latest news about TCS in our Newsroom
Get access to a catalog of the latest news stories from across TCS. Discover our press releases, reports, and company announcements.
-
Press releases
-
News alerts
-
Analyst recognition
-
Media kit
- OverviewPress tab for submenu items
TCS works hand in hand with world-leading investors.
Tata Consultancy Services LimitedNSE:TCSINR -
Management Commentary
-
Financials
-
News and Events
-
ESG
-
Resources
Overview
Management Commentary
expand here
Financials
expand here
News and Events
expand here
ESG
expand here
Resources
expand here
Top Results
Showing
10
01 - 07
-
Blog
You have these already downloaded
We have sent you a copy of the report to your email again.
The exponential growth in cloud-native solutions, channel transformations, and ecosystem-centric business models are all contributing to higher security risks for organizations. As global firms pivot to remote workforce in the new normal, the need for protection has only increased. This is evident from a 238% increase in cyber-attacks on banks and financial institutions. In addition, the commercial cyber insurance market is expected to touch USD10 billion in 2020. Additionally, security is one of the top risks on the radar for many global (re)insurers.
Zero Trust (ZT) technology can help aid better security for the firms. It is a tool that offers guiding principles and strategies to uplift the enterprise security posture from the standpoint of architecture, resilient operations, and compliance. Using the ZT tool identities can be verified without exceptions and assumptions at every control point, i.e., architecture layer, network segment, and data access.
Challenges from Existing Traditional Approaches
In the current phygital era, online presence is no longer one of the channels for the firms but an existential need for B2C and B2B2C businesses and has reputation and legal penalty risks depending on how global and big you are. This drives the need for a comprehensive security strategy for these channels. Here’s a quick look at the current challenges for the IT teams responsible for digital security for a firm:
- Exposed code: The code is no longer protected by the enterprise firewalls but constantly stressed through genuine callers and malicious digital users of the present-day service endpoints for the borderless enterprises.
- Point solutions: Third-party security tools to protect and control often end up as optimized point solutions. This leaves the existing IT teams, already facing challenges with competency and resources, to sort through the process and technical integration. Any gap becomes a new vulnerability.
- Myopic approach: Security can no longer be tossed among developers churning code and reviewing by architects and clueless business analysts. It needs specialized attention, and the agile team members cannot afford a myopic story card-centric approach.
- Human weaknesses: Phishing emails, weak passwords, human errors and ignorance, and misconfigured tools still show up in root cause investigations for security breaches. It highlights that human interventions continue to be the weakest link and need to be effectively addressed.
Zero Trust to the Rescue
ZT builds on two main objectives – limit the surface exposure and increase defense depth. Here’s a look at ways to achieve these.
Surface limitation
Surface means applications that process transactions exposed as services on data-consuming resources. Since data is the ultimate guarded asset, it helps to take a data-centric approach on surface limitation.
Empower data governance
If the business aspires to be data-driven, it should take charge of data estate, realize the importance of data stewards, and begin with (sub) domain-wise data dictionary (glossary) and data lineage initiatives. Later, responsibilities can be expanded to include security policies and audit data lifecycle policies across the IT landscape. Data stewards must play the role of a guide and auditor.
IAM offers a good start
The first step of ZT is to identify and make identity and access management (IAM) a great starting point. In the current generation of social identities by Google, Facebook, LinkedIn, etc., the identifying job has been delegated. Trusting identity providers and the extent of trust is a bigger decision point. Incrementally, there is a need to apply the least privilege, minimal duration, and small perimeter principles.
Multi-layer protection at cloud scale
At layer 7, log-in forms have now been replaced with single sign-on (SSO) while regulators are mandating multi-factor authentication (MFA) in the financial world. At lower levels, on-premise appliances like firewalls are not enough. Enterprises need a Secure Access Service Edge (SASE) or Cloud Access Security Broker (CASB) solutions as per the cloud deployment model.
Eliminate implicit trust
Zero Trust mandates checking of the incoming channel, network, user-role, and data packets on each request. Technologies such as mobile device management, deny-all firewalls rules, client X.509 certificates, and data-in-transit (payload) encryption are available choices for enhanced depth of defense.
ZT: Evolve as you Go Along
Given the ZT tool needs to evolve to deliver in line with new workloads and emerging threats, there is a need to ensure we make the best use of our limited resources. Here’s how that can be achieved:
Filter the noise
Logs are a great start but cloud or on-prem ITOps dashboards aggregating logs, heart beats, readiness checks, KPI metrics, cluster events, firewall logs multiplied by instances will soon swamp operations. False alerts create avoidable panic among business leaders and internal compliance teams. Hence, investing in an analytics layer will make sense out of the noise.
Drive sense of ownership
It is an uneven setup with thousands of code-churning developers, a handful of reviewing architects, and a couple of operations staff. Legacy technology developers are naive to code vulnerability threats, and intranet app developers never had to worry about database encryption. There is a need to provide a repeatable process and tools to each stakeholder, e.g., code scanners for programmers to cope with this steep learning curve.
Conclusion
To effectively guard against human weakness, continuous tooling and automation, as well as awareness and coaching, are important. On the machine front, applying Zero Trust principles will offer a structured approach. This would help the security initiatives by driving ZT objectives of reducing the attack surface and increasing the depth of defense. However, ZT does not offer a prescriptive implementation path. The path to deliver is by carving your own journey, factoring in culture, IT estate, organization structures. Zero Trust is not a buy-and-patch solution but a strategic toolkit in holistic enterprise security transformation.
About the author
Image of Kamesh Meduri
Kamesh Meduri
Kamesh Meduri is Chief Architect with TCS Banking and Financial Services (Central Europe) unit and has over 20 years of experience in the insurance and retail banking domains. Kamesh holds a bachelor’s degree in Mechanical Engineering and a master’s degree in Economics from BITS - Pilani, India. He is Certified TOGAF architect and Guidewire InsuranceSuite Integration Specialist.
Related reading
1/4
Blogs
IoT
Building Trust in Autonomous Vehicles with Functional Safety Standards
Blog
|
24 Jul 2024
Opens in new tab
2/4
Blogs
Ayush Kumar
TCS ERP on Cloud
The Role of AI/ML in APM: Why They Matter?
Blog
|
15 Jul 2024
Opens in new tab
3/4
Blogs
TCS ERP on Cloud
Debarghya Mukherjee
Integrated ITSM and ITPM: Enabling Seamless Change Management
Blog
|
09 Jul 2024
Opens in new tab
4/4
Retail
Kamaraj Chinnasamy
Enhancing Colleague Experience in Retail for Better Customer Service
Blog
|
03 Jul 2024
Opens in new tab
What’s on your mind?
We’re here to help! Tell us what you’re looking for and we’ll get you connected to the right people.
Looking for something else?
©2024 TATA Consultancy Services Limited
©2024 TATA Consultancy Services Limited
- Privacy Notice
- Cookie Policy
- Disclaimer
- Security Policy
- California Notice at Collection
- Customize Cookies