Sathish Murthy, Systems Engineering Lead, Cohesity ASEAN & India

A zero-trust approach to data security and management stands at the heart of this, as it encompasses an evolving set of data protection paradigms that focus on authenticating and authorizing users for access or changes to a platform. Core capabilities to operating under this approach include:

    • Multi-factor authentication (MFA): As it provides strong authentication of users to thwart unauthorized changes to assets like data. By requiring users to identify themselves with more than mere login credentials and enter a response only they can provide (such as a mobile phone challenge or time-based one-time password), MFA bolsters security as it undercuts attempts by threat actors to leverage brute force tactics to steal passwords and usernames.
    • Granular role-based access controls (RBAC): That enable organizations to grant the least privilege required for users to do their job. This minimizes risk and prevents them from overreaching into areas beyond their responsibilities and minimizes risk in the event a digital identity is compromised.
    • Quorum: This prevents unilateral changes within administrative accounts to a platform so that no single user, rogue admin or compromised account can affect sensitive operations. With quorum, user requests to change settings or administrative functions require multiple approvals before taking effect.