What Is Zero Trust and Will It Change Security Forever?

What Is Zero Trust and Will It Change Security Forever?
  • Zero trust employs least-privilege access to ensure users can only access resources on a limited basis.
  • Zero trust verifies and authorizes each connection and ensures the interaction meets all requirements set by organizational security policies.
  • It authenticates and authorizes each device, connection, and network flow according to dynamic policies, using context from many data sources.

Why Is Zero Trust Gaining Popularity?

Zero Trust Architecture Principles

Endpoint Threats

Zero Trust Principles

  • Resources-the architecture considers all computing services and data sources as resources.
  • Communication-it secures all communication regardless of the network location, working under the assumption that all networks are hostile and untrustworthy.
  • Sessions-the zero trust architecture grants access to each enterprise resource on a per-session basis.
  • Policies-it uses a dynamic policy to enforce access to resources. The policy includes the observable state of identity, application, device, and network and might include behavioral attributes.
  • Monitoring-the enterprise must monitor assets to ensure all remain in a secure state.
  • Dynamic-resource authentication and authorization is always dynamic and enforced strictly before allowing access.
  • Data-enterprises must collect sufficient information about the current state of communications and network infrastructure, using this data to continuously improve the enterprise’s security posture.

Zero Trust Technologies

Secure Access Service Edge (SASE)

Zero Trust Network Access (ZTNA)

Next-Generation Firewall (NGFW)

  • Integrated intrusion prevention systems (IPSes).
  • Application awareness.
  • Identity awareness through user and group control.
  • Using external intelligence sources.
  • Bridged and routed modes.

Identity and Access Management

Microsegmentation

How Zero Trust Will Change Security

Reducing Friction with Security Teams

Fulfilling an Organization’s Security Needs

Gilad Maayan

--

--

The latest #news, analysis, and conversation on the #InternetOfThings

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
ReadWrite

ReadWrite

65K Followers

The latest #news, analysis, and conversation on the #InternetOfThings