How to Design a Zero Trust Strategy


            for Remote Workers


            By Federico Charosky, Founder and CEO, Quorum Cyber


            The modern workforce expects to work anywhere from any device. To support this approach investment
            is needed in a broader security program beyond the network. Identity is the new security perimeter as
            complemented by intelligently managed devices, the applications they run and the data they access.

            To answer the question of designing a secure solution for remote workers we need to start by setting
            some context. First, what is zero trust? This has three pillars which are explained below but can also be
            encapsulated by the idea that the network carries little trust. The concept of coming to an office to plug
            into a network point or WiFi to get full access to an organization’s resources is swiftly receding. The
            network has too much of an attack surface, too many hidden doors and is stretched to breaking point
            (VPN anyone?) to provide a reliable security perimeter. Instead of the network, a zero-trust strategy
            implies:

               1.  Authenticate. Always and often. Normally user authentication with a username and password,
                   but a lot more in the future.




            Cyber Defense eMagazine – June 2024 Edition                                                                                                                                                                                                          214
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.