MARCH 2023

share learnings from these incidents. For instance, in case of a data breach, a digital forensics team would examine the network and identify signs of malware, unauthorized user accounts, or accounts with unauthorized privileges. These investigators can determine if an attack is still ongoing, and identify whether the damage can be halted. For these teams to perform their tasks effectively, the technology they use must ideally have:

· Admin access across the network
· Deploy agents to remote devices
· Inventory all devices and the ability to respond to incidents on these devices
· Operate across platforms including Mac, Windows and Linux
· Image and collect data forensically across an encrypted connection
· Remediate incidents such as deleting files, closing ports, or potentially deactivating users
· Monitor endpoints to analyze files in use, programs running, and connected services in real time

Granting forensic investigators full admin access to conduct investigations is in direct conflict with the principles of zero trust -- where users, devices, and applications access information on a need-to-know basis. Most digital forensic solutions are connected to the internet, which in turn adds to the existing security risks, obliging organizations to provide forensic investigators with multiple devices for different functions. Such solutions would only increase costs exponentially.

Adopting Secure Digital Forensic Tools

Solutions capable of conducting secure forensic investigations can go a long way in strengthening internal investigation functions for Indian businesses. Technology that can be installed on-premise but secured on a server controlled by IT is ideal.
Forensic investigators can then carry on investigations in a web browser interface without disrupting the zero-trust architecture. Besides, other experts involved in an investigation, such as HR or financial specialists, will have the capacity to review relevant elements of the case without needing administrative access or a dedicated forensic device. With the right technology, investigating teams can sidestep the extensive software lockdowns required to minimize non-authorized access in zero-trust environments, while maintaining the integrity of security controls.

The rapid adoption of hybrid and work-from-anywhere models calls for technology that is nimble and can remain secure in remote environments. Businesses

The expanding risk of cyber-attacks led the Ministry of Electronics and Information Technology to issue guidelines regarding the adoption of zero-trust architecture earlier this year.

Zero trust architecture has arisen as a response to today's perimeter-less networks