Page 189 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 189

Even President Joe Biden is among the proponents of Zero Trust architecture. As this wide embrace of
            Zero Trust is growing, security professionals want to know how they can make Zero Trust a reality for
            their enterprise. Many are coming to learn that Zero Trust is a journey, and understanding this journey is
            the first step down the path.


            If you wish to dive deeper into the topic of Zero Trust, we’ve made a FREE copy of the first and only “The
            Definitive Guide to Zero Trust Security“ available to all Cyber Defense Magazine readers.




            First, you may be asking, ‘What is Zero Trust security?'

            Zero Trust security can be summed up with the phrase, “Trust nothing, verify everything.” Resource
            access  within  a  network  is  always  limited  by trust  dimensions —  and  access  is  revoked  if  these
            parameters are ever unmet. It provides a 180-degree turn from traditional security models that provide
            implicit trust within the network.

            For  the  most  part,  the  principles  of  Zero  Trust  architecture  can  be  broken  down  into  the  following
            components:

            • Network traffic is untrusted. This is true even if traffic originates internally. Inspection, authentication,
            and documentation are always necessary.

            • Micro-segmentation is applied. No user can roam freely throughout the infrastructure.

            • Each entity is low trust. An entity will gain only a specific level of trust.

            • Zero Trust doesn’t mean no trust. Upon verification, entities are given appropriate, yet restricted,
            access that is limited to the function they must perform.

            • Trust is dynamic. Trust may be granted, but it isn’t constant.

            • Trust is impartial. All users and entities will be assessed using the same criteria.

            • Least  privilege  access always  applies.  Trust  is  granted  based  on  what’s  needed  to  perform  the
            entity’s intended functions.

            When each of these principles comes together, IT teams can achieve long-term cyber resiliency.



            The Benefits of Zero Trust Security

            • Secure cloud migrations.

            IT teams gain the ability to visualize, monitor, and control network traffic with platforms like the Xtended
            ZeroTrust™ Platform — even those running in virtual machines and containers. If integrated with cloud
            management  tools,  Zero  Trust  also  ensures  that  security  policies  move  with  workloads  upon  cloud
            migration.






                                                                                                            189
   184   185   186   187   188   189   190   191   192   193   194