PowerON Secure Access Framework: Typical Roadmap

This is the final blog in our series introducing the PowerON Secure Access Framework.

If you haven’t had a chance to read our previous blogs in the series, check them out now:

Unless there is an urgent, business driven requirement projects of this scale and nature typically have taken 1 – 2 years to implement fully. This enables costs to be distributed, new processes to be engrained, feedback and learnings to be integrated and overall minimises business disruption. To assist with planning, PowerON typically recommend the following five phases:

Prerequisites and Discovery (Phase 1)

In this phase PowerON works with the business to identify and remediate any glaring security vulnerabilities. There is no point progressing if half the organisation are domain admins and/or basic operational and management procedures aren’t in place. We also work to understand and fit the overall framework into the needs of the organisation.

Timescales: 1-3 months

Security Achieved: Basic issues remediated, baseline achieved for future projects.

Secure Access Framework Foundation (Phase 2)

Once the basics are achieved a foundational level of security is applied to all devices based on our managed and secure framework. This provides a modern management capability, lifting all user devices into a secure state and requiring Multifactor Authentication or other secure forms of authentication to all users.

Timescales: 3-6 months

Security Achieved: Uplifted minimum security for all devices, Multifactor Authentication for all users and process embedding for key technologies.

Split Administrator (Phase 3)

Perhaps the most involved phase involves splitting administrative work from typical user devices. This involves providing alternative arrangements for the normal work such as a second device or VDI solution as well as restricting traffic and logon rights to enforce these new ways of working.

Timescales: 3-6 months

Security Achieved: Privilege Escalation attacks significantly reduced, lateral movement becomes harder, key staff are better protected.

Split business Admins (Phase 4) 

The final implementation phase of changes relates to key business and application personnel.  These staff often have significant rights to specific parts of the business and can cause significant disruption in their own rights.  Depending on requirements an enhanced standard profile or a reduced admin profile can be used to further protect these people. 

Timescales: 3-6 months 

Security Achieved: Further protection against business specific attacks, greater bedding in of processes. 

Review and remediate (Phase 5)

As with any project which runs for a significant amount of time, things change. It’s important that when coming to the end of the project that a thorough review takes place to ensure that all previous assumptions have either been met or managed and the reality hasn’t left unintended security openings. It also provides an opportunity to look at further enhancements as technology and attacks are constantly evolving

Timescales: One month

Security Achieved: Assurance that project goals have been met, future threat vectors considered.

Overall the PowerON Secure Access Framework sets out a comprehensive, ambitious but realistic approach to enabling Zero Trust security. If you’d like to know more please reach out to your PowerON sales representative or contact sales@poweronplatforms.com.

Leo D'Arcy

Leo D'Arcy

Head of Identity and Access

Connect on LinkedIn

Share on:

Share on facebook
Share on twitter
Share on linkedin

In this article:

Share on facebook
Share on Facebook
Share on twitter
Share on Twitter
Share on linkedin
Share on LinkedIn

Related resources