Extending Zero Trust to the Endpoint — Hysolate

Tal Zamir, Founder and CTO, Hysolate

What is Zero Trust?

Zero trust is a security model based on maintaining strict access control. It has risen in popularity since Forrester coined the term in 2010.

User Devices: The Zero Trust “Achilles Heel”

Zero trust architecture (ZTA) is definitely a great step in the right direction, but it has a fundamental design flaw that results from a wrong assumption. ZTA's underlying assumption is that the network can check the health of user devices and then trust them with access to enterprise resources. This might be true for some extremely locked-down devices. However, most enterprise user devices run operating systems like Windows, with a huge, vulnerable code base, a wide variety of legacy applications and middleware, and access to risky or malicious networks and internet resources. These devices can easily be compromised by determined attackers. Once a device is compromised, its operating system can no longer be trusted: the malware resides in the same operating system kernel and can tamper with the operating system's health checks.

Fixing the Weakest Link in the Zero Trust Concept

To close this gap in ZTA, and make ZTA a dramatically more secure architecture, enterprises must ensure employees use trusted devices. By re-establishing trust in user devices, it is possible to let users access corporate resources anywhere. However, this is a challenging task, as enterprises still rely heavily on Windows (or other monolithic operating systems) and legacy applications that are vulnerable and untrusted. Any approach to making devices trusted again must also support the migration of existing devices, as solutions that require a fresh start with a new operating system or new devices would fail in any realistic enterprise environment.

Learn how Hysolate makes zero trust access a reality by splitting a user's device into two separate zones. Request a demo with a member of our team.

About the Author

Tal is a 20-year software industry leader with a track record of solving urgent business challenges by reimagining how technology works. An entrepreneur at heart, he has pioneered multiple breakthrough cybersecurity and virtualization products. Before founding Hysolate, Tal incubated next-gen end-user computing products in the CTO office at VMware. Earlier, he was part of the leadership team at Wanova, a desktop virtualization startup acquired by VMware. Tal began his career in an elite IDF technology unit, leading mission-critical cybersecurity projects that won the prestigious Israeli Defense Award. He holds multiple US patents as well as an M.Sc. degree in Computer Science, and the honor of valedictorian, from the Technion.

Hysolate is a software platform that enables locally deploying and remotely managing virtual, secured environments on a single endpoint.