Zero Trust Security

Swimage is a fundamental component of zero trust security frameworks. Swimage integrates with security stacks and ensures that all PCs, regardless of location, remain secure, healthy, and compliant.

Swimage leverages a combination of templates, compliance rules, triggers, and actions to provision, build, and enforce a PC’s desired state. This ensures that PCs are built to your precise specifications and that the PCs remain in that state throughout their life. If a PC is found to be out of compliance for any reason, Swimage automatically and immediately takes action to resolve the issue.

The following are some of the ways Swimage fulfills zero trust security requirements:

Continuous Monitoring and Verification

To fulfill the zero trust security requirement of continuous monitoring and verification, Swimage:

  • Continuously retrieves updated compliance rules from a central server and instantly enforces those rules to ensure all PCs remain healthy and compliant.
  • Monitors the software and security stack and remediates immediately if the stack is not aligned with policy. This includes restarting services, reinstalling software, locking the PC, or other actions as needed.
  • Monitors for changes in state, such as IP, location, software, network usage, etc. State changes may trigger reauthentication, as needed.
  • Maintains and confirms the “known good sources” when repairing or rebuilding a system. This ensures that no application or OS component will be compromised.
  • Prevents user interaction or login until the entire security stack has been applied and is functional.

Limit the Impact of a Breach

To fulfill the zero trust security requirement to limit the impact of a breach, Swimage:

  • Locks access to critical system files in order to maintain system integrity.
  • Encrypts all server communication with private key hashes with multiple verification points.
  • Responds in seconds to a breach and takes appropriate action to remediate the problem across the entire network.
  • Immediately disables the network, locks the system, and initiates a full redeployment from validated sources.
  • Executes actions regardless of PC location or state.
  • Rebuilds the entire system – restoring all applications, security policies, settings, and data from known good sources.

Fully Automate Data Analytics and Responses

To fulfill the zero trust security requirement to fully automate data analytics and responses, Swimage:

  • Provides administrators full visibility into the current status of all endpoints with an intuitive and customizable portal.
  • Monitors and applies instant lock or remediation actions based on configurable rules.
  • Takes actions using graduated alert levels, including actions to report, lockout, remediate, or redeploy.
  • Provides real-time status data processing and rule enforcement using automated response mechanisms.