What Zero Trust Can Teach Us About Responding to Fake News

Latest News
1 June 2017 news

Microsoft Identity Manager – delivering the hybrid IT infrastructure your organisation needs

Microsoft’s identity and access management solutions provide an identity management system that spans both cloud and on-premises environments.

29 May 2017 news

Identity Experts approved for G-Cloud 9

We are pleased to announce that we have been approved to be a G-Cloud 9 supplier for both Cloud software and Cloud Support. The new G9-Cloud framework replaces both the G7 and G8 ones and goes live in May.

26 May 2017 news

Device-based conditional access

We are going to look a little more as to how you can restrict access to applications from devices that are registered with Azure AD and which meet specific conditions.

23 May 2017 news

What is Microsoft Graph API?

The Microsoft Graph API connects developers to the data that drives productivity – mail, calendar, contacts, documents, directory, devices, and more.

18 May 2017 news

Azure Information Protection – Part 1 – classifying and labelling data

AIP enables you to better protect your sensitive information – anytime, anywhere no matter where it’s stored or who it’s shared with. It will help you control and secure email, documents and sensitive data that you share outside your company.

15 May 2017 news

Creating common identities with Azure AD Connect

By integrating your on-premises directories with Azure AD it will make your users more productive by providing a common identity for accessing both cloud and on-premises resources.

1 2 20 21 22
Posted on 24 August 2020

It’s everywhere: from clickbait articles to sophisticated deepfake videos, fake news has wormed its way into our modern lives. So, how can businesses protect themselves and their employees from believing everything they see? The answer is simple: Zero Trust.

 

By now, it’s very likely that you’ve encountered fake news during your personal and professional life, and there’s no shame in admitting that you’ve probably been convinced – even for a second – that you’re reading the truth. 5G conspiracy theories? An ulterior motive behind Coronavirus? Sex traffickers operating out of pizza parlours? When bombarded with information that is both convincing and plays on our individual fears, it’s easy to be swept up in the fake news furore.

 

Whereas individuals can quickly find themselves outraged, embarrassed, or swayed to one side or the other, for businesses, there’s an extra dimension of risk to fake news. Aforementioned deepfake videos and audio are being used to spread the sort of disinformation that makes phishing attacks possible, while fake news can nudge organisational decisions one way or another.

 

So, what can businesses do?

 

Getting to Grips with Risk

 

Firstly, it’s important to come to terms with the impact fake news can potentially have on an organisation. Aside from putting the PR department into overtime when a fake story breaks, or scaring shareholders when a mistruth dents share prices, businesses are at risk of significant security challenges.

 

Spear phishing attacks represent a particularly significant risk, with falsified audio being used to convince individuals that a trusted source within the organisation has requested a large transaction, or for access to security credentials. Elsewhere, bringing unverified information into the business can sabotage sales operations, business strategy, and even market intelligence, derailing months and years of hard work.

 

With so much convincing false information out there, bombarding us all the time, organisations need to take to a firm guiding principle, and in our experience with identity and security, we lean towards the Zero Trust approach every time.

 

How can a security and technology principle help stem the tide of fake news, you ask? Simple.

 

The Zero Trust Mantra

 

“Never trust, always verify” is the mantra that sits at the heart of the Zero Trust model. In terms of security, this means assuming that all user identities have already been compromised, granting access only when enough conditions have been met, and when the user’s identity has been well and truly verified.

 

Translating this to fake news is simple: encourage employees not to trust everything they read, instead seeking out verification from independent fact-checkers, alternative sources, and first-hand information.

 

This prevents any disinformation finding its way into the organisation, keeps employees on the ball and engaged, and is a skill that can be built upon to identify social engineering scams, adding a further layer of protection.

 

It really is as simple as that.

 

No False Hope

 

Unfortunately, we’re not likely to see fake news go away any time soon: at this point, it’s simply too pervasive, with parties across the spectrum having the freedom to make and disseminate false information on a whim.

 

We can, however, draw on ideals and thought processes from other areas to shore up against the influx, and keep our employees from being flooded with fallacies. And in the meantime, perhaps you’ll find a need for the Zero Trust principle elsewhere in your organisation – in which case, you know where we are!

 

If you’d like to find out more about the true application of the Zero Trust approach, or need help with educating your employees on phishing and security, feel free to get in touch.

 

A few people we've already done it for
X