Cocoon Data logo

Zero Trust Data Management: Three Ways to Configure Your Policies

Bog Hero

Want to take your cyber security initiatives to the next level? Consider taking a Zero Trust approach when selecting and implementing a secure file management, sharing, and collaboration platform.

In a Zero Trust security framework, your organization will authenticate, authorize, and validate each user every time they try to access your applications and data. It doesn’t matter where they’re located, what kind of device they’re using, or even how highly they rank in your organization. If they try to log on, they’ll need to go through the authentication process. And even after they’ve logged on once and established their credentials, they’ll have to continue verifying themselves periodically to maintain those credentials.

In other words, with Zero Trust, there’s no such thing as a “safe list.” Users must keep proving their identity if they want to continue logging in.

In 2020, the National Institute of Standards and Technology (NIST) published Special Publication (SP) 800-207 to describe the components of a Zero Trust Architecture. NIST 800-207 provides reliable guidelines for both government and private-sector organizations to adhere to Zero Trust.

We have some thoughts too. To put it concisely, it all comes down to using stringent access control and applying a Zero Trust data management strategy to file sharing and collaboration. When it comes to a secure data sharing solution, we recommend going with a platform that adheres to the three principles of Zero Trust based on the NIST guidelines: continuous verification, limiting your blast radius, and automating any context collection and response.

Requiring Continuous Verification

Any discussion about continuous verification is really a discussion about access controls. And under the umbrella of access controls, you’ll find encryption.

At Cocoon Data, we take a novel approach to Zero Trust data management. Our solution won’t allow an encryption key to be unlocked unless certain rules are validated. The whole process revolves around policies and identities—not just a user’s ability to provide credentials.

Our solution also operates around the principle of least privilege (PoLP), in which users receive access to only the data and functionality they need to perform their jobs, and no more. You can help your organization adhere to PoLP and Zero Trust by implementing policies that prevent users from even seeing, let alone attempting to access anything that’s not germane to their job duties.

Limiting Your Blast Radius

Suppose a malicious party does breach your security controls and gain access to your network. You’ll need to have controls in place that minimize the damage they can do. One way to limit your blast radius is to make it impossible for them to open files without providing further credentials.

With any data shared in the cloud, having your files individually encrypted creates one of the most secure ways to protect your information. It also provides a greater deterrent from ransomware and cyber-attacks occurring as it is a highly stringent form of Zero Trust data management.

Automating Context Collection and Response

Even after you’ve put controls in place to limit your blast radius, you’ll need to gather behavioral data on each security incident so that you can determine the most appropriate response. Having a Zero Trust data management solution that collects this data automatically and lets you see it in real time makes this task much easier.

Cocoon Data uses a more sophisticated way of referencing a strong audit log in order to tie all actions on the platform together. View logs at the individual file level or generate a report at the organizational level to get an oversight on all activities across your members with the ability to narrow results. Additionally, organization administrators have the ability to instantly revoke access or “Kill the Key” to any file at the click of a button. Doing so prevents the file from being opened or accessed, and anyone currently viewing the file will also be pulled out of that view. This feature is integral to responding to potential issues and can easily be reversed after the fact.

Replace Several Solutions with One

As Cocoon Data protects your data, the system not only helps you adhere to Zero Trust policies but also enables you to replace less secure and out-dated file sharing technologies.

We would love to tell you more about how Cocoon Data can provide the level of Zero Trust data management you’re looking for. Contact us to get started.


Jul 7, 2022

Posted by


Copy Link