Written by Ricardo Villadiego on August 28, 2018
It's Time to Stop Implicitly Trusting Network Users
The Zero Trust model is reshaping the security landscape and pushing organizations to change the way they think about network protection.
There is a reason that you keep hearing about Zero Trust. Forrester originally coined the term based on the idea that neither internal nor external networks can be trusted. Put simply, Zero Trust just makes sense from a security perspective.
There are three main concepts of Zero Trust, according to Forrester:
- First, removing the concept of trust from a network automatically ensures that all resources are securely accessed — no matter who creates the traffic, or from where it originates.
- Next, by adopting a least privilege strategy that enforces access control, human temptation to access restricted resources is eliminated. A least privilege strategy should provide precise, fine-grained control of user access to resources, adjust user access dynamically based on context, and ensure the software defined perimeter (SDP) system is inaccessible to unauthorized users.
- Finally, Zero Trust allows for you to continuously inspect user traffic for signs of suspicious activity and log and analyze all network traffic. This detects unauthorized access attempts, reduces noise for improved security analyst efficiency, and provides compliance reporting needed in today’s highly regulated landscape.
Businesses and security professionals love the concept of Zero Trust, but what is the best way to successfully implement all three of Forrester’s concepts?
In my most recent article published by Forbes, I discuss the Zero Trust security model in detail, as well as the software defined perimeter, a new type of security architecture that focuses on user identity rather than the various resources and applications they might use.