Page 192 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 192

2. Use orchestration for DevOps.

            Integrating DevOps with cloud infrastructure tools can help protect data, applications, and workflows
            within cloud platforms when moved to Zero Trust architecture.

            3. Update policies.

            Zero Trust security is a dynamic environment. IT teams should be monitoring both policy violations and
            new connections that might require new policies. Update policies and enact new  ones based on the
            findings. Again, the right policy engine can streamline this.

            4. Extend Zero Trust to endpoints.

            The same principles should be applied to all endpoints within an organization, including servers, laptops,
            PCs,  and  mobile  devices.  Traffic  can  help  to  identify  where  to  direct  IT  attention.  Only  authorized
            processes should run at these endpoints, thereby reducing the risk of cyberthreats.
            Zero Trust architecture should do more than stitch together security protocols. It can help an organization
            establish a set of rules and control to determine which entities can gain access to restricted locations and
            critical information within a company.



            Selecting the Right Zero Trust Vendor

            Not all Zero Trust vendors are created equal. In fact, some tout their products and services as “Zero
            Trust” without following through. This makes the selection process of a Zero Trust vendor suited to your
            organization more important than ever. Here are just a few of the criteria to keep in mind as you arrive at
            a decision:

            • Platform approach.

            A  Zero  Trust  architecture  should  span  the  entire  network,  regardless  of  location.  So  naturally,  point
            security tools cannot achieve unified context and control and will leave organizations with a fragmented
            Zero Trust posture. What’s needed is a single platform that provides end-to-end Zero Trust for workloads,
            users, endpoints, and applications. Such platforms like the eXtended ZeroTrust™ Platform can deliver
            Zero Trust at scale.

            • Cloud delivery.

            If your organization has already made the move to the cloud, look for a Zero Trust vendor that operates
            on cloud platforms. This ensures that the vendor and its security platform can scale with your operations.

            • Scope of capabilities.

            If a vendor doesn’t enable greater visibility and micro-segmentation cloud security, move on. You need
            the ability to monitor the network and divide data assets to limit and respond to cyberthreats.








                                                                                                            192
   187   188   189   190   191   192   193   194   195   196   197