Skip Navigation
BlackBerry ThreatVector Blog

Zero Trust and Zero Touch: Keys to Digital Transformation

By 2023, enterprises will have invested upwards of $7.4 trillion into their digital transformation efforts. These investments are being poured into cloud services, automation, mobility, IoT, data analytics, artificial intelligence, and other technologies that will improve critical business outcomes.

But improving business outcomes isn’t just about increasing sales, although that is an integral part of it. It’s also about building efficiencies across all aspects of the business, from improving staff productivity to enhancing the customer experience and everything in-between. But as companies embrace new technologies, they need to address increased cybersecurity risks. This is especially true the more rapidly these new technologies are deployed.

In 2016, research firm Gartner predicted that by 2020, 60% of digital business would suffer significant service failures due to security teams being unable to manage digital risk effectively. While there is no confirmation this 60% mark has been reached yet, we have seen evidence of an increase in outages and data security breaches over the past few years. And, because of these risks, security teams often put the brakes on new deployments, at least until the security issues can be figured out.

When organizations slow the deployment of new technologies out of concern for cybersecurity risks, then cybersecurity becomes not just a challenge regarding data and system confidentiality, integrity, and availability – which is a big enough task itself – it also becomes a barrier to achieving digital transformation and business success which directly impacts competitive advantage – not to mention attracting and retaining talent.

Access Management and Zero Trust

One area where the importance of security to digital transformation shines is in regard to passwords for user authentication. On the one hand, effective identity management is among one of the most efficient tools to manage digital risks, yet asking users to only log in one time and then keeping them logged in for an indefinite period does little to improve security.

After all, one of the most common vectors of attack is the use of stolen credentials to gain access. To improve password security, enterprises added additional factors of authentication to their mix, but asking staff and users to repeatedly authenticate or provide a biometric or an additional one-time passcode negatively impacts user experience and productivity and can encourage security workarounds. Also, no matter how difficult you make the authentication, it’s still an event. It does nothing between authentication events to ensure security.

The best way to enable the successful, secure digital transformations organizations need is to also transform their approach to security. Specifically, by using a Zero Trust approach, but in a way that does not create additional friction for users – a zero touch model, where security can become an enabler of digital transformation and business success. Within a Zero Trust and zero touch model environment, organizations can digitally transform their organizations and ensure the security they need along with the usability and ease of access that end-users demand.

If the right security isn’t put into place, enterprises will face dramatic headwinds and be at a competitive disadvantage against those enterprises that do manage to find the best balance between innovation and security.

What Is a Zero Trust and Zero Touch Model?

Zero Trust is defined precisely as it sounds: no user, system, or device is automatically trusted within the network. That means a user who is on the network shouldn’t be automatically assumed to be a trusted insider or even the same person as their login credentials imply.

The same should be true for IoT devices, application programming calls, mobile devices, or anyone or anything else attempting to gain access. Throughout the workday, the average user may make a certain number of password and authentication requests. And the reality is, that while many organizations want to adopt Zero Trust architectures, they simply can’t do so effectively.

With a Zero Trust and zero touch model, the hassles of passwords are eliminated. Instead, after the initial authentication with account credentials, the context of the user’s location and behavior, how they handle devices and what they access, as well as which applications they typically use and even how they interact with them, are all considered as part of the authentication process. This is achieved through the application of artificial intelligence (AI) algorithms.

This is possible because AI capabilities are now available to enable the collection, analysis, and evaluation of all of the essential attributes available about a user that is necessary to appraise the risk of a transaction or task they wish to perform. This is straightforward to deploy and happens in the background, creating a more positive experience for the end-user with less obstacles to productivity.

This means users can move from task to task, app to app, system to system, and device to device securely while remaining unfettered. Today, with the increased digitization of workflows, such capabilities are more important than they ever have been, and the Zero Trust and zero touch model enables better digital transformation experience because it’s a dynamic evaluation of user risk. And access to every application, data, and system is vetted in real time.

Zero Trust and Zero Touch in Action

How does this work in practice? Following the initial authentication, if an employee is accessing all the applications they typically access, and do so from the same devices and networks they usually use with no detectable anomalies or increase in risk potential, they can continue to be trusted and to work in familiar and trusted ways. If they are detected handling a device differently, doing something unusual, or entering into a high-risk transaction with the system, the system will require further authentication.

Continuous authentication constantly validates the user without their even knowing it so that an approved user can focus on doing their job with minimum interruptions. The net result is an improved user experience that provides protection against credential abuse by unauthorized users, privilege enforcement against security controls for authorized users, and a more seamless workflow to improve user experience and productivity.

In the age of digital transformation, this makes a lot of sense. After all, digital transformation is about using the cloud, automation, and data to make better decisions and provide better experiences for users. Isn’t it about time we do the same with security? Isn’t it time we use security to help to improve the everyday experiences of all users while also protecting the systems and data we are transforming?

BlackBerry Spark Suites

A big part of the task of making the leap to a Zero Trust and zero touch model can be as simple as having the right solutions in place – solutions designed for secure digital transformation.

We recently announced the availability of BlackBerry Spark® Suites, a set of comprehensive solutions that offer enterprises a range of tailored endpoint security and management options that minimize risk, reduce security costs, and overcome complexity. BlackBerry Spark Suites combine the best of endpoint security and management capabilities powered by artificial intelligence and automation, and includes the following options:

  • The BlackBerry Spark UES® Suite provides a full set of endpoint security capabilities, including AI-driven user and entity behavior analytics, next-generation mobile threat defense, endpoint protection, as well as endpoint detection and response. Data loss prevention and a secure Internet gateway will be added to this suite in the near future.

  • The BlackBerry Spark® UEM Suite, which provides a highly secure way to manage and secure devices and applications, including secure interoperability with Microsoft® Office 365® mobile apps. It also offers a full set of endpoint management capabilities, digital rights management, identity and access management, SDK/custom apps, multi-channel notifications, and regulated controls. A streamlined option of this offering is also available in the BlackBerry Spark® UEM Express Suite.

  • The BlackBerry Spark® Suite provides a one-stop-shop and the gold standard that includes features of the BlackBerry Spark UES Suite and BlackBerry Spark UEM Suite and supports all device types and ownership models. It’s built to enable a Zero Trust security environment and is focused on earning trust across any endpoint and continuously validating that trust at every event or transaction.

A convenient side-by-side comparison of all of the BlackBerry Spark Suites can be found here. BlackBerry Spark Suites provides a more straightforward experience to users while also enhancing security for the organization. For more information on the BlackBerry Spark Suites and the advantages of a Zero Trust, zero touch security model, please contact us.

All of these advances can also improve the end-user experience while increasing security. Having a single console to centrally manage and secure all of an organization’s endpoints means performance isn’t adversely impacted, providing a zero touch user experience across all devices whether they are fixed or mobile, inside or outside the network firewall, corporate-managed or BYO.

Alex Willis

About Alex Willis

Alex Willis serves as the Vice President, Global Technical Solutions at BlackBerry.