Page 230 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 230

The continuous improvement of Zero Trust in theory and practice has gone beyond micro-segmentation,
            software-defined perimeter, and evolved into adaptive identity-based security solutions.



            Steps to building a Zero Trust for a perimeter-based network

            For an organization looking to deploy Zero Trust, a survey of assets, subjects, data flows, and workflows
            is a good place to start. This will provide enterprises with detailed information on the current state of
            assets before introducing any new business processes. The implementation of ZTA can be broken down
            into several steps:



            Identify enterprise subjects: The policy engine must possess knowledge regarding all enterprise subjects,
            especially privileged users. The architecture is built in an inclusive way to provide IT administrators the
            flexibility to perform business-critical tasks.



            Identify enterprise-owned assets: The key component of ZTA requires identifying and monitoring both
            enterprise-owned and non-enterprise-owned devices on the enterprise network. Hardware components,
            virtual assets and BYOD assets are continuously logged and monitored to ensure that the policy engine
            has detailed information while making resource access decisions.



            Identify key processes: The enterprise identifies and ranks business processes as perceived by their
            importance.  Low-risk business processes are transitioned during the initial migration, whereas mission-
            critical  processes  are  migrated  later.  In  a  perimeter-based  architecture,  it  is  often  difficult  to  make
            enterprise resources available to remote employees. In such cases, transitioning cloud-based resources
            to Zero Trust architecture benefits remote employees in availability and security. The policy enforcement
            points ensure that all subject requests follow access policies to gain access to resources.



            Creating  policies  for  the  Zero  Trust  environment:  The  enterprise  identifies  the  value  of  subjects,
            workflows,  and  business  processes  based  on  the  risk  associated  with  them.  After  this  point,  the  IT
            administrators determine which trust algorithm variation can be followed to ensure that all enterprise
            policies are extensive and effective.



            Identify  solutions:  The  enterprise  architects  decide  on  the  deployment  model  and  the  solution
            components based on key business processes and their valuation.










                                                                                                            230
   225   226   227   228   229   230   231   232   233   234   235