Step 1: Asset Discovery and Prioritization
Identify assets that are valuable to your business so you can prioritize what you need to protect first.
To protect your assets and ensure normal business operation, you need to know what those assets are and how they are used so that you can:
- Understand exactly which users, devices/infrastructure, applications, data, and services are part of your network or have access to your network. Understand the different access requirements of different user groups and key individual users.
- Prioritize how you roll out Zero Trust to protect those assets.
You can’t protect assets that you don’t know exist. When you identify all assets in all locations (on-premises, cloud, remote, third-party, etc.), you can protect all assets. Unknown users, applications, and infrastructure, including unmanaged IoT devices, are potential security vulnerabilities. Discovering internet-connected IoT devices may reveal devices that are vulnerable to attack—not only expected devices such as printers, cameras, and other unmanaged terminals, but also unexpected internet-connected devices such as coffee mug warmers and personal fans.
How you prioritize what to protect first depends on several factors:
- What is important to your business and critical to running your business? Different businesses place different values on different assets. Evaluate your infrastructure, applications, and other assets to identify what is important to your business.
- Industry standards and local regulations such as General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and payment card industry (PCI) standards.
- Evaluation of the sensitivity if an asset is exposed:
  - Low sensitivity assets—Exposure causes limited harm to the enterprise. For example, non-critical data and applications with limited user bases that don’t access critical data or infrastructure.
  - Moderate sensitivity assets—Exposure risks serious harm to the enterprise or its customers. For example, business data and applications, email, voice, and video communication, and infrastructure and services whose compromise impacts the enterprise.
  - High sensitivity assets—Exposure causes severe harm to the enterprise or its customers. For example, information theft that requires a breach notification, personally identifiable information (PII), critical intellectual property such as code, designs, architectures, etc., critical infrastructure such as the enterprise’s public key infrastructure (PKI) and critical servers, and critical services such as Active Directory (AD), DNS, and DHCP.
Start the transition with your most valuable assets, which are often in your data center or in the cloud, where you store source code, customer data, and other business-critical, proprietary assets.
Use the following methods to gain visibility into traffic and help identify users, applications, and infrastructure:
- The team’s knowledge of the business. For example, business leaders can speak to the strategic value of applications.
- To gain visibility into traffic, insert one or more next-generation firewalls transparently into your network in virtual wire (vwire) mode, a passthrough mode that requires no topology changes because vwire interfaces don’t have IP or MAC addresses. Check Traffic logs to view and analyze traffic. If you have managed firewalls, use Panorama logs.
- Use Application Dependency Mapping tools to discover application dependencies (the resources an application uses, such as databases, load balancers, servers, etc.) automatically.
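The following added example (not part of the original page or any vendor tooling) shows how traffic records can be compared against a known inventory to surface undiscovered internal hosts, application dependencies, and which users reach each asset. The record layout, the `10.0.0.0/8` internal range, and all names and addresses are constructed assumptions, not a real firewall log export format.

```python
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address range

# Constructed inventory: assets the team already knows about.
KNOWN_ASSETS = {
    "10.1.0.10": "crm-web",
    "10.1.0.20": "crm-db",
    "10.1.0.30": "ad-dc01",
}

# Constructed, simplified traffic records: (source, destination, application, user).
TRAFFIC = [
    ("10.1.0.10", "10.1.0.20", "mysql", ""),
    ("10.1.0.10", "10.1.0.30", "ldap", ""),
    ("10.2.5.77", "10.1.0.10", "web-browsing", "corp\\alice"),
    ("10.2.9.14", "203.0.113.50", "ssl", ""),  # no user: possibly an unmanaged device
    ("10.2.5.77", "10.1.0.10", "web-browsing", "corp\\alice"),
]

def unknown_internal_hosts(records, known):
    """Internal addresses seen in traffic that are missing from the inventory."""
    seen = {ip for src, dst, _, _ in records for ip in (src, dst)}
    return sorted(ip for ip in seen
                  if ipaddress.ip_address(ip) in INTERNAL and ip not in known)

def dependency_map(records, known):
    """For each known asset, the (resource, application) pairs it connects to."""
    deps = defaultdict(set)
    for src, dst, app, _ in records:
        if src in known:
            deps[known[src]].add((known.get(dst, dst), app))
    return dict(deps)

def users_by_asset(records, known):
    """Identified users that reach each known asset."""
    users = defaultdict(set)
    for _, dst, _, user in records:
        if dst in known and user:
            users[known[dst]].add(user)
    return dict(users)

if __name__ == "__main__":
    print("Not in inventory:", unknown_internal_hosts(TRAFFIC, KNOWN_ASSETS))
    print("Dependencies:", dependency_map(TRAFFIC, KNOWN_ASSETS))
    print("Users per asset:", users_by_asset(TRAFFIC, KNOWN_ASSETS))
```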