IBM Security MaaS360

 View Only
  • 1.  Zero Trust Security

    Posted Wed November 11, 2020 04:22 PM
    How does Zero Trust Security work with MAS360?

    ------------------------------
    John Martin
    Senior Security Architect
    30 Gaunt Street
    Auckland
    006421744012
    ------------------------------


  • 2.  RE: Zero Trust Security

    Posted Wed November 11, 2020 07:14 PM

    Hi John,

    MaaS360 could play several different roles in a zero trust environment, but I doubt it would be at the beginning or end, more of a middle piece.  While we can offer some auth tools via identity and access management, if you wanted a more thorough model, there would have to be some sort of NAC in place to communicate with MaaS360 and ensure that only properly authenticated, managed, and compliant devices can access the network.

    We have plenty of tools to consistently monitor the devices for compliance, and it can report back on a lot of different device info (missing patches, connected networks, detailed model information, etc) to really get the most out of our architecture in this use case,  I would also have that data fed in to an SIEM for broader monitoring.

    We can work in geofencing to monitor device locations, enforce policies based on entering/exiting locations, send alerts if devices remain "offline" for too long, and even set up timebombs to remove sensitive, containerized content if the device fails to check in in 'x' amount of time.

    For any user or device that falls out of compliance for any number of reasons (leaves a network, becomes jailbroken or rooted, downloads suspicious apps, or uses too much data, just to name a few), we can of course automate the removal of sensitive data, or even fully wipe if security requires.

    Hope this helps out a little - if you have any other questions, please feel free to reach out.



    ------------------------------
    Matt Shaver
    System Architect
    IBM
    mshaver@us.ibm.com
    ------------------------------