Page 191 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 191

1. Map the environment.

            Mapping the  environment  gives IT  teams  a  clearer  picture  of  the task ahead. With most  companies
            containing many moving parts, start with one application or workload to get a grasp on the number of
            users, amount of traffic, required applications, and connections between all entities.

            2. Define trust zones.

            Trust zones are basically data assets that should be segmented, monitored, and protected as units, falling
            under a set of access policies. Automation can assist in identifying trust zones by looking at workloads
            in the same network segment, but always make sure to have human administrators verify that zones
            align with business practices.

            3. Create security policies.


            Security policies will dictate access not only to assets, but also between trust zones. Powerful policy
            engines will help by recommending policies, which will streamline the process.

            4. Observe traffic between trust zones.

            Schedule an observation period to capture the traffic patterns between established trust zones. You may
            find  that  certain  parties  need  access  to  perform  urgent  tasks,  and  setting  authentication  boundaries
            between these zones could impact mission-critical activities. This is part of “building the muscle,” which
            will get stronger over time.

            5. Monitor and refine zones and policies.

            Applications come and go. Workflows change. Team members are always on the move. Naturally, you’ll
            need to track and adapt the policies that protect high-value assets. It’s important to build in some flexibility
            and adaptability into Zero Trust architecture and the security tools used to enforce authentication.

            For the ultimate breakdown of Zero Trust best practices and implementation, download a free copy of
            the first and only “Definitive Guide to Zero Trust Security.”



            Best Practices for Zero Trust Implementation:

            With Zero Trust implementation being a new initiative, the chances are good that your organization will
            experience some growing pains with Zero Trust architecture. This isn’t uncommon — nor should it serve
            as an excuse to abandon the new measures. In our experience, these tactics can often be of benefit:


            1. Go zone by zone.
            “Boiling the ocean” is never a good idea with Zero Trust architecture. Instead, enforce policies trust zone
            by trust zone. Perhaps start with your highest-value application and expand out from there.










                                                                                                            191
   186   187   188   189   190   191   192   193   194   195   196