Trust Scoring Calculation

A conceptual overview of the Trust calculation, a part of Cloud Secure Edge’s Granular Trust Scoring feature

  • Updated on May 21, 2024

Trust Calculation Overview

Trust Scoring is the calculation of a device’s Trust Level. The calculation takes into account all Trust Factors applied to a device as well as the Trust Effect assigned to each Trust Factor. The result of this evaluated information is a single Trust Level, which describes the device’s overall security posture.

Each Trust Factor applied to a device has an admin-assigned Trust Effect. The Trust Effect determines the impact on a device’s Trust Level when the applied Trust Factor is not satisfied.

In the Trust Scoring calculation, Trust Effects are not weighed equally; the most restrictive Trust Effect takes precedence over all other Trust Effects. The order of Trust Effect restrictiveness (from most restrictive to least restrictive) is as follows:

  1. Always Deny: device is denied access to all Cloud Secure Edge (CSE) services

  2. Low Trust Level: If this factor is not satisfied, the device’s Trust Level will be set to low.

  3. Medium Trust Level: If this factor is not satisfied, the device’s Trust level will be set to medium.

Therefore, the most restrictive Trust Effect of an unsatisfied Trust Factor determines the output of the Trust Scoring calculation.

Trust Calculation Example

Example: An admin applies 3 Trust Factors to a device: Firewall, Auto Update, and Disk Encryption. The admin then assigns a Trust Effect to each of these applied Trust Factors, as follows:

  • Auto Update: Trust Effect = Medium Trust Level
  • Disk Encryption: Trust Effect = Always Deny
  • Firewall: Trust Effect = Low Trust Level

Case 1: The device satisfies the requirements of Auto Update and Disk Encryption but does not satisfy Firewall.

Input 1: Auto Update (satisfied) – Effect: Medium = TS stays High
Input 2: Disk Encryption (satisfied) – Effect: Always Deny = TS stays High

Input 3: Firewall (NOT satisfied) - Effect: Low = TS is set to Low Trust Level
Output: Low Trust Level

Case 2: The device satisfies the requirements of Auto Update, but does not satisfy Disk Encryption and Firewall.

Input 1: Auto Update (satisfied) – Effect: Medium = TS stays High
Input 2: Disk Encryption (NOT satisfied) – Effect: Always Deny = TS is set to Always Deny
Input 3: Firewall (NOT satisfied) - Effect: Low = TS is set to Always Deny
Output: Always Deny

Our Recommendations

  • By default, all Trust Factors have an Effect of Low Trust Level.
  • If you require a Trust Factor to be mandatory, the recommendation is to set the Effect to Always Deny.
  • If you’re testing a new Trust Factor, and you want to see the which devices satisfy the Trust Factor without impacting access, the recommendation is to set the Effect to No Effect.