A Zero Trust architecture abolishes the idea of a trusted network inside a defined corporate perimeter. It mandates that enterprises create micro-perimeters of control around their sensitive data assets to gain visibility into how they use data across their ecosystem to win, serve, and retain customers.
Just as a zero-tolerance policy makes no exceptions to a rule, a Zero Trust strategy trusts nothing and makes no assumptions about the trustworthiness of identities or peer systems. The approach doesn’t differentiate between internal and external network traffic, because doing so would be making an assumption or an exception to the rule. It therefore treats all traffic and users the same, regardless of origin. This foundational “ground rule” sets the tone for building a complete Zero Trust architecture, which hardens the security of all important infrastructure, making access to data much more restricted and hence much more resilient to attack.
While some argue that the basic concept of Zero Trust has been around for more than 20 years as the “original best practice” for firewalls and network security, the term itself started to gain traction in 2010 among analysts at Forrester.
Zero Trust is also being associated with the popular SASE security model, or Secure Access Service Edge. That’s because SASE solutions and frameworks include Zero Trust Network Access (ZTNA) solutions. What is ZTNA? Think of it as Zero Trust for network access security. As a network-level realization of the overall Zero Trust model of cybersecurity, these tools apply Zero Trust’s ground rules to network access.
Source: Forrester — Five Steps to a Zero Trust Network
Zero Trust steps up security because it establishes a discipline around these best practices:
With the status quo no longer sustainable, CISOs are attempting to address the deficiencies of their traditional security practices. Zero Trust tackles two of today’s biggest underlying security issues:
To build a Zero Trust architecture, follow these basic steps:
In 2021, Zero Trust is demonstrating value as a proven and practical approach for work-from-home security, but the path to get there might be a bumpy one. Enterprises attempting a Zero Trust strategy reported that it requires a philosophical pivot in the way leadership thinks about security. Additionally, CISOs experienced challenges with the resources and tools needed for implementation and deployment. The benefits, however, are outweighing these challenges as Zero Trust prepares the enterprise for success. It’s gaining traction for good reason and there’s no doubt that it’s a strategy that will continue to escalate.