Zero Trust Security

Posted by shentanli on March 08, 2020

Now, CIOs, CISOs and other corporate executives are increasingly implementing Zero Trust as the technologies that support it move into the mainstream, as the pressure to protect enterprise systems and data grows significantly, and as attacks become more sophisticated.

What’s Zero Trust?

The Zero Trust Network, or Zero Trust Architecture, model was created in 2010 by John Kindervag, who at the time was a principal analyst at Forrester Research Inc.
Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access.

Why Zero Trust?

Security and technology experts say the castle-and-moat approach isn’t working. They point to the fact that some of the most egregious data breaches happened because hackers, once they gained access inside corporate firewalls, were able to move through internal systems without much resistance.
If you trust everything, then you don’t have a chance of changing anything security-wise.

The technologies behind Zero Trust

The Zero Trust approach relies on various existing technologies and governance processes to accomplish its mission of securing the enterprise IT environment.
To make the endpoint secure, Zero Trust draws on technologies such as multifactor authentication, IAM, orchestration, analytics, encryption, scoring and file system permissions. Zero Trust also calls for governance policies such as giving users the least amount of access they need to accomplish a specific task.

Get started with Zero Trust

Developing a Zero Trust environment isn’t just about implementing these individual technologies. Instead, it’s about using these and other technologies to enforce the idea that no one and nothing has access until they’ve proven they should be trusted. There is a simple five-step method:

  1. Identify the protect surface
  2. Map the transaction flows
  3. Build a Zero Trust architecture
  4. Create Zero Trust policy
  5. Monitor and maintain
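
As an illustration of step 4, here is a minimal default-deny policy decision function that combines verified identity, multifactor authentication, a device score and least-privilege rules. It is an added example, not code from the original post; the roles, resources, score thresholds and field names are constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical policy table: each rule grants one role one action on one
# resource (least privilege) and states the checks required to use it.
@dataclass(frozen=True)
class Rule:
    role: str
    resource: str
    action: str
    require_mfa: bool = True
    min_device_score: int = 70   # constructed posture threshold, 0-100

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    resource: str
    action: str
    authenticated: bool
    mfa_passed: bool
    device_score: int
    source_network: str          # kept for logging; never used to grant access

POLICY = [
    Rule("payroll-clerk", "payroll-db", "read"),
    Rule("payroll-admin", "payroll-db", "write", min_device_score=90),
    Rule("employee", "wiki", "read", require_mfa=False, min_device_score=50),
]

def decide(req: Request, policy=POLICY):
    """Return (allowed, reason). The default is deny; location grants nothing."""
    if not req.authenticated:
        return False, "identity not verified"
    for rule in policy:
        if (rule.role, rule.resource, rule.action) != (req.role, req.resource, req.action):
            continue
        if rule.require_mfa and not req.mfa_passed:
            return False, "MFA required"
        if req.device_score < rule.min_device_score:
            return False, "device posture below threshold"
        return True, "allowed by explicit rule"
    return False, "no rule grants this access"
```

A request from the internal network is evaluated exactly like one from the internet: only the verified identity, the MFA result, the device score and an explicit rule can produce an allow.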
