Skip to content


Growth Drivers | October 31, 2024

Putting zero trust to work—for our clients and ourselves

 

Picture this: A castle surrounded by a massive wall, complete with watchtowers and a moat. Anything inside the wall is considered safe, while anything outside is potentially harmful. This is how traditional security models used to operate, treating the internal network as a safe zone.

The problem with this approach is that castles can been breached, walls can be scaled, and internal threats exist. And once an attacker gets inside, they have free rein over everything inside.

In the zero-trust model, there is no inside or outside the castle. Everyone and everything is considered a potential threat until verified.

 


 

A better way forward

 

Zero trust operates on the principle of “never trust, always verify,” rather than granting implicit trust to all users inside a network. It's a strategy that organizations of all sizes are implementing to protect users, devices, networks, applications and data. This helps address the cybersecurity risks posed by remote workers, hybrid cloud services, personally owned devices and other elements of today’s corporate networks.

Think of a zero-trust model as a watchful security guard who meticulously and repeatedly checks your credentials before granting you entrance to the office building where you work, even if they are familiar with you. They, then, constantly repeat this process to confirm your identity.

Without this kind of robust solution in place, it can be challenging for organizations to have a clear picture of who has access to data and what they are doing with that data. And companies can unnecessarily expose themselves to costly data breaches and other security incidents.



A Gartner survey revealed that while 63% of organizations worldwide have fully or partially implemented a zero-trust strategy, the scope and impact of these initiatives remained limited.



How DXC is putting its trust in zero trust

 

When DXC examined the future of its own business over four years ago, it became clear that taking a virtual-first approach would require a fundamental shift in mindset. DXC knew it needed to leave behind the traditional location-centric model and adopt an identity-centric approach that controls access based on user identity and other attributes.

With that goal in mind, DXC began to migrate away from its traditional perimeter-based security architecture consisting of firewalls and multiple VPNs used by employees to connect to customer systems. To support our hybrid environment and boost our security posture, we decided to adopt a zero-trust architecture and roadmap.

One thing we learned is that when embarking on the zero-trust journey, it’s imperative to be fully aware of what one’s technical landscape encompasses and how best to protect those assets. This means creating a full log of users, devices, programs and services so that IT teams can allocate who has access to which parts of the network.

Simply put, holes in the inventory infrastructure could result in security risks for our organization. 



The DXC security team also set up a policy engine that has full visibility into all network activity and continuously verifies and enforces activities against these policies.



The effectiveness of access controls

 

To scale our business in a secure way, DXC needed a way to manage access across our entire IT estate. For that we used a zero-trust network access service that verifies users and grants access to specific applications based on identity and context policies.

For example, employees on the accounting team can work on payroll applications and have the same user experience from the home or office, as long as they and their devices are automatically authenticated each time they access these systems via constant secure state revalidation.

The team also used a cloud-based platform that securely connects users, devices and applications across different networks, including in any of our six global data centers. And advanced logging and reporting capabilities provided us with the necessary visibility into data access events, while also supporting compliance efforts.



As a result of this work, DXC improved its security posture, blocking 9.2 million threats and preventing 1.3 billion policy violations in one quarter.



A new security standard for industries

 

For industries that handle sensitive information, zero trust offers an extra layer of protection.

For example, a global manufacturer needed to maintain continuous, secure data exchange with customers and increase cyber resiliency across its on-site and remote workforces. DXC helped move the company to a cloud-native, zero-trust security strategy that increased control and improved visibility of the security landscape and made the business more resilient to inner and outer threats.

A European utility company struggled to manage fast-emerging cyber threats and increased regulatory requirements to protect the essential services they provide. DXC deployed a cloud-based secure service edge solution that provided safe access to applications, ensured adequate malware threat identification and prevention, met regulatory requirements and simplified ongoing operations.

A multinational energy and petrochemical company required simplified, secure connectivity for its global workforce logging in from offices, coffee shops, offshore and a range of other locations. DXC’s integrated solution provided rich intelligence and constant security validation and gave employees secure access to critical applications from anywhere.



 

The big picture

Remember, zero trust is not a discrete solution but rather a strategy driver and mindset backed by technology. And DXC experts can help guide customers on their zero-trust journey.

DXC’s full range of security expertise includes deep experience in zero trust architecture, and identity and access management, with over 450 million digital identities under management, along with world-class detection and response capabilities.



More growth drivers

Five security trends shaping the future

What do the next few years hold for us? Here are five emerging trends that DXC CISO Mike Baker identified as transforming how we defend against cyber threats.

The power and promise of digital identity

The number of digital identity verification checks is expected to surpass 70 billion during 2024. And no wonder. Digital identity has become crucial for online interactions and security.

Preparing for an AI future

As AI and emerging technologies reshape the business landscape, companies with outdated systems and approaches must evolve or risk getting left behind. Here’s how.