From Zero Clients to Zero Trust

Written by Ian Main | December 22, 2020

Today I'm posting about your IT security strategy. According to Accenture’s 2020 State of Cybersecurity Resilience Report, your enterprise is under an evolving threat whether or not your remote desktop infrastructure incorporates PCoIP technology.

However, a leading group of government and private corporations are successfully defending against cyberattacks and improving outcomes – by focusing on technologies that provide the greatest benefit, collaborating better and responding more rapidly. One key success ingredient is the adoption of Zero Trust, a strategy (and bundle of technologies) that replaces traditional perimeter-based security with one focused on users, devices, applications, and assets.

If you are new to 'Zero Trust' as a concept, there is some great online content - I’d recommend this short introductory video from John Kindervag, world-renown cybersecurity expert that created the Zero Trust model. The Zero Trust Architecture (ZTA) is the focus of this article and several exciting product initiatives Teradici has lined up through 2021. Robust enterprise security relies on an ongoing innovation cycle, encompassing thought leadership and invention, blueprints, and standardization, followed by industry adoption and compliance - repeating as the threat landscape changes.

The Zero Trust Architecture is maturing from a long conception phase into early standardization, with industry organizations producing blueprints and many product vendors, including Teradici, gearing up with innovative solutions that fit these blueprints. This is an important time across many industries, especially in light of new security considerations as we settle into variations of work-from-home policies.

It starts with innovation

Teradici venture funding roots aside, security is inherent to our product value. Teradici PCoIP protocol pioneered wire speed full frame-rate desktop encryption using AES-256 standards, our TERA silicon was an industry first with NSA Suite B cryptography, and of course Teradici Zero Clients are widely deployed in thousands of corporations today - a full frame rate endpoint with fractional vulnerability compared to traditional operating systems and CPUs. Our extensive IP portfolio covers a broad range of security technologies from peripheral device authorization techniques to intermediary appliance authentication approaches and conditional single sign-on methods. Our innovations in Zero Trust Architecture in relation to Zero Clients and Teradici Cloud Access Software are well underway too.

To blueprints and standardization

Adoption of new approaches is difficult for individual corporations, never mind entire industries! Motivation and architectural guidance are both critical drivers of change. We hope the motivation part is self-evident from many published security statistics. Standards organizations and industry bodies have stepped up with vision papers, blueprints, and best practices. At the highest level, the National Institute of Standards and Technology (NIST) recently (August 2020) published Special Publication 800-207, the Zero Trust Architecture, I would advocate as mandatory reading for any Corporate Security Officer (CSO).

Industry-specific vision papers are critical to adoption too – especially in sectors with complex interwoven supply chains like the media and entertainment industry in which high value assets are shifted across multi-vendor production workflows. In this regard, MovieLabs (representing major Hollywood studios), has authored several seminal papers, including the 10-year vision publication ‘The Evolution of Production Security’ in 2019 which articulates practical ways to achieve the security objectives laid out for the Media and Entertainment sector in their 2030 Vision Paper through the application of Zero Trust Architecture to production workflows.

Adoption and compliance

This is the part Teradici and the vendor community fits in - the vendor community providing products with features that fit the Zero Trust architecture. If you understand the data-plane requirements for ZTA and PCoIP technology, you’ll already know that features such as Multi-Factor Authentication (MFA) in Cloud Access Software are pre-requisites to enable user-based controls. However, under ZTA, PCoIP endpoints also require device level controls, capabilities Teradici will be rolling out in the context of PCoIP Zero Clients, Thin Clients and Cloud Access Software PC/MacOS/Linux clients in 2021.

For new or existing customers, whether using PCoIP technology in Cloud Access Software, Amazon Workspaces, VMware Horizon or via one of our valued Teradici Advantage Partners, we will be offering an avenue for your organization to incorporate our Zero Trust features into your own architecture – and together we’ll work to achieving your zero trust compliance objectives.

View full post