" dedicated Archives - LuxSci

Posts Tagged ‘dedicated’

What Is Zero Trust Architecture?

Tuesday, June 22nd, 2021

In light of the increasingly sophisticated attacks against the US public and private sectors, the Biden Administration announced a push toward Zero Trust Architecture, amid other cybersecurity reforms.

The White House order was issued on May 12, and it included a host of measures aimed at improving the country’s resilience against cyberthreats. The announcement contained plans to remove barriers that block the sharing of threat information, as well as actions to modernize the Federal Government cybersecurity environment.

A key part of the order was a requirement for each agency head to develop a plan for Zero Trust Architecture implementation within 60 days of the announcement. This plan must incorporate the migration steps set out in the National Institute of Standards and Technology’s (NIST) guidelines. The White House order also stipulates that migrations to cloud technology “shall also adopt Zero Trust Architecture, as practicable.”

This announcement is likely to have major implications in the cybersecurity world. With the federal government moving to adopt Zero Trust Architecture, it’s likely that other industries will soon follow suit. It’s worth asking what this framework is and what it means in the context of your own security stance.


What Is Zero Trust Architecture?

Simply put, Zero Trust Architecture is a security model that assumes no place is safe from cyberthreats, even an organization’s own network. Let’s explain it by contrasting Zero Trust Architecture with other security models.

Under other designs, an organization’s network has a perimeter, and the entities inside it are considered secure. It’s much like the terminal at an airport. Once you have gone through the security checkpoint, you are presumed free from any weaponry that could endanger others or the facility. After going through security, you can enter the food court, the gift shops, or the bathroom without having to verify your identity or go through a metal detector.

Under this type of security model, systems can communicate with each other within the network relatively freely. Users are deemed safe and given special privileges, because they are on the “secure” side of the firewall.

In contrast, Zero Trust Architecture accepts that bad actors may be inside the perimeter of the “secure” network. Recognizing this possibility, the Zero Trust security model involves making the secure perimeter as small as possible to minimize the potential for compromise. It also takes steps to continually evaluate actors that are inside the network for possible threats.

Overall, the goal of Zero Trust Architecture is to protect devices and data from malicious actors. It improves on other security models by enforcing more granular access controls, which helps limit the potential for unauthorized access.

Trust Zones

In Zero Trust Architecture, a trust zone is an area where those granted access are also granted access to other parts of the network. Returning to our airport analogy, everywhere beyond the security gates is a shared trust zone where you can move relatively freely.

When you go to board your plane, you must go through another security checkpoint into a smaller trust zone. The smaller a trust zone is, the less data and the fewer assets it gives access to. This helps to limit the potential damage that a bad actor can cause.

If a bad actor gained access to the terminal, they could harm everyone within the secure perimeter of the terminal. If the bad actor only had access to the plane, the potential harm would be much more limited (the analogy breaks down a little here, because someone with access to a plane would also have had access to the terminal, but you get the picture).

The Core Tenets of Zero Trust Architecture

In order to build a more secure environment while still offering usable services, Zero Trust Architecture focuses on:

  • Authorization: Only granting users access to the minimum level of data and services that are required to fulfill their role.
  • Authentication: Verifying the identity of authorized users through logins, keys, certificates, multi-factor authentication and other measures. This helps to protect from unauthorized access.
  • Limited trust zones: Making trust zones as small as possible to reduce potential impacts if compromised.
  • Availability: The above security measures are critical, but they need to be designed in a way that maintains availability. A service is useless if it is incredibly secure, but unavailable much of the time.
  • Minimized delays: The vetting processes are important, but authentication should be implemented in a way that doesn’t slow down access.

LuxSci and Zero Trust Alignment

LuxSci has long aligned its services with Zero Trust principles. Our Zero Trust-aligned features include:

  • Dedicated servers with virtualized sandboxing and dynamic per-customer micro-segmentation. We put each dedicated customer in its own trust zone.
  • Dynamic network and user access monitoring that can block suspected threats.
  • Granular access controls for users and systems that access customer data.
  • Encrypted email.

The Biden Administration’s push toward Zero Trust Architecture shows just how critical it is for protection in the current environment. Secure your organization by contacting us now to find out how it can get onboard with LuxSci’s Zero Trust-aligned services.

10 Tips for Preventing Ransomware Attacks

Tuesday, November 10th, 2020

You’re already working long hours. Economic pressures are growing, and your team is running on empty. Now you need to mitigate yet another problem. Preventing ransomware attacks and mitigating their extreme financial impacts (an average of $8,500/hour of downtime) is essential. The following best practices can help your IT and healthcare administrators protect your systems.


Why LuxSci Enterprise Class Servers Stay Up when Hardware Fails

Thursday, February 15th, 2018

The server your email is hosted on had a power supply issue and now your email is down … and will remain down for a few hours until your provider repairs the hardware issue and gets you back online.

Downtime sucks and it can hurt your business. However, you can protect yourself from downtime due to hardware failure issues like this.

LuxSci offers two service options: Business Class and Enterprise Class. The most notable difference between these options is reliability. Enterprise Class services (both dedicated and shared) will keep running even if the underlying server hardware fails. How does that work?


High Security Dedicated Cloud Servers at Low Price

Thursday, August 1st, 2013

New LuxSci dedicated cloud servers start at $100/mo. This allows many more customers to take advantage of dedicated solutions, even a HIPAA-compliant one, without a big price tag.

See also Understanding Cloud Servers.

LuxSci has long offered both dedicated physical servers and dedicated virtual private servers located in our private cloud. Now that we have signed HIPAA Business Associate Agreements with Rackspace for their public cloud infrastructure, we are able to offer dedicated virtual private servers that reside there to all customers: those with compliance needs and those without. The ease of public cloud server management and the low underlying cost of these solutions enable LuxSci to provide its services on them to its customers at a much lower price point than was previously possible.

WordPress for HIPAA and ePHI? Is that a good idea?

Tuesday, February 12th, 2013

For a deep dive, see our white paper: Securing WordPress

WordPress is an extremely popular content management system for both blogging and creating web sites. It’s popular because it is quick to set up, easy to administer, has a very large supported base of add-ons, and looks good. As a result, many LuxSci customers use WordPress in one fashion or another for their web sites hosted at LuxSci.

As we cater to a large segment of customers who have specific compliance needs, e.g. HIPAA compliance, we are frequently asked about using WordPress with ePHI, e.g. using WordPress to provide access to protected health information for members of the WordPress site.

Can this be compliant? Is it a good idea?