Growth Drivers | October 31, 2024

Putting zero trust to work—for our clients and ourselves

Picture this: A castle surrounded by a massive wall, complete with watchtowers and a moat. Anything inside the wall is considered safe, while anything outside is potentially harmful. This is how traditional security models used to operate, treating the internal network as a safe zone.

The problem with this approach is that castles can been breached, walls can be scaled, and internal threats exist. And once an attacker gets inside, they have free rein over everything inside.

In the zero-trust model, there is no inside or outside the castle. Everyone and everything is considered a potential threat until verified.

A better way forward

Zero trust operates on the principle of “never trust, always verify,” rather than granting implicit trust to all users inside a network. It's a strategy that organizations of all sizes are implementing to protect users, devices, networks, applications and data. This helps address the cybersecurity risks posed by remote workers, hybrid cloud services, personally owned devices and other elements of today’s corporate networks.

Think of a zero-trust model as a watchful security guard who meticulously and repeatedly checks your credentials before granting you entrance to the office building where you work, even if they are familiar with you. They, then, constantly repeat this process to confirm your identity.

Without this kind of robust solution in place, it can be challenging for organizations to have a clear picture of who has access to data and what they are doing with that data. And companies can unnecessarily expose themselves to costly data breaches and other security incidents.

How DXC is putting its trust in zero trust

When DXC examined the future of its own business over four years ago, it became clear that taking a virtual-first approach would require a fundamental shift in mindset. DXC knew it needed to leave behind the traditional location-centric model and adopt an identity-centric approach that controls access based on user identity and other attributes.

With that goal in mind, DXC began to migrate away from its traditional perimeter-based security architecture consisting of firewalls and multiple VPNs used by employees to connect to customer systems. To support our hybrid environment and boost our security posture, we decided to adopt a zero-trust architecture and roadmap.

One thing we learned is that when embarking on the zero-trust journey, it’s imperative to be fully aware of what one’s technical landscape encompasses and how best to protect those assets. This means creating a full log of users, devices, programs and services so that IT teams can allocate who has access to which parts of the network.

Simply put, holes in the inventory infrastructure could result in security risks for our organization. 

The effectiveness of access controls

To scale our business in a secure way, DXC needed a way to manage access across our entire IT estate. For that we used a zero-trust network access service that verifies users and grants access to specific applications based on identity and context policies.

For example, employees on the accounting team can work on payroll applications and have the same user experience from the home or office, as long as they and their devices are automatically authenticated each time they access these systems via constant secure state revalidation.

The team also used a cloud-based platform that securely connects users, devices and applications across different networks, including in any of our six global data centers. And advanced logging and reporting capabilities provided us with the necessary visibility into data access events, while also supporting compliance efforts.

A new security standard for industries

For industries that handle sensitive information, zero trust offers an extra layer of protection.

For example, a global manufacturer needed to maintain continuous, secure data exchange with customers and increase cyber resiliency across its on-site and remote workforces. DXC helped move the company to a cloud-native, zero-trust security strategy that increased control and improved visibility of the security landscape and made the business more resilient to inner and outer threats.

A European utility company struggled to manage fast-emerging cyber threats and increased regulatory requirements to protect the essential services they provide. DXC deployed a cloud-based secure service edge solution that provided safe access to applications, ensured adequate malware threat identification and prevention, met regulatory requirements and simplified ongoing operations.

A multinational energy and petrochemical company required simplified, secure connectivity for its global workforce logging in from offices, coffee shops, offshore and a range of other locations. DXC’s integrated solution provided rich intelligence and constant security validation and gave employees secure access to critical applications from anywhere.