Zero Trust: the vigilant enterprise


The Zero Trust Architecture

In the traditional perimeter model of trusted access, a person entity with a high security clearance could reach the entire IT estate, or most of it, once inside the network. ZTA instead operates on the principles of ‘Deny by Default’ and ‘Always Verify’. Access is defined not only for the person entity but also for the non-person entities involved (the device, the network path, the application and the data being accessed), and it is granted only for that specific purpose. Each access is evaluated continuously throughout its lifecycle in terms of the trust placed in the requester and the risk it carries, and as those signals change the ZTA adjusts the privilege attached to the access, for example by demanding re-authentication or revoking the session.

Whenever a person or non-person entity requests access, and especially when elevated privileges are involved, ZTA keeps evaluating that access for as long as it lasts, using a combination of historical and current trust signals rather than a one-time check at login. Application access is also treated as separate from network access: being connected to a network does not imply access to any application on it. This limits an attacker’s lateral movement and contains the blast radius of a compromise. Even an attacker holding leaked person-entity credentials is held back by “Never Trust, Always Verify”, because the device, its posture and the context of the request must still pass verification, so the damage a single compromised credential can do is limited.

ZTA protects a firm from external as well as internal threats. Segmenting the network into many small micro-perimeters (micro-segmentation) stops an intruder who has gained a foothold from progressing towards core data, because each segment boundary enforces its own access policy. In addition, users and devices are verified continuously, not only at the perimeter.
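The principles above (deny by default, per-resource authorisation that is independent of network position, device and user signals combined into a trust score, and re-evaluation on every request) are what a policy decision point actually computes. The following is an added illustration, not code from the original page or from any vendor product: the weights, thresholds, field names and sample users, devices and resources are all assumptions chosen for the example, where a real deployment would take these signals from an identity provider, an MDM/EDR agent and a risk engine.

```python
"""Minimal Zero Trust policy decision point (PDP).

Added example; every identifier, weight and threshold below is a hypothetical
choice for illustration, not a standard or a product's rules.
"""
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    DENY = "deny"          # default outcome when no rule explicitly allows
    STEP_UP = "step_up"    # allow only after a fresh MFA challenge
    ALLOW = "allow"


@dataclass
class Subject:             # the person entity
    user_id: str
    roles: frozenset
    mfa_age_s: int         # seconds since the last strong authentication


@dataclass
class Device:              # the non-person entity making the request
    device_id: str
    managed: bool          # enrolled in MDM/EDR
    compliant: bool        # passed its latest posture check
    posture_age_s: int     # seconds since that posture check


@dataclass
class Resource:
    name: str
    sensitivity: int       # 1 (public) .. 3 (restricted), hypothetical scale
    allowed_roles: frozenset
    segment: str           # micro-segment the application lives in


@dataclass
class Request:
    subject: Subject
    device: Device
    resource: Resource
    source_segment: str    # segment the device sits in; deliberately NOT a grant input


def trust_score(req: Request) -> int:
    """Combine current signals into a 0..100 score (hypothetical weights)."""
    score = 40 if req.device.managed else 0
    score += 30 if req.device.compliant else 0
    score += 10 if req.device.posture_age_s <= 3600 else 0    # posture fresh within 1 h
    score += 20 if req.subject.mfa_age_s <= 8 * 3600 else 0   # MFA within 8 h
    return score


REQUIRED_TRUST = {1: 40, 2: 70, 3: 90}   # trust demanded per sensitivity level


def evaluate(req: Request) -> Decision:
    """Decide one request. Nothing below grants on network position alone."""
    # 1. Authorisation is per resource: sitting on the app's segment
    #    (req.source_segment == req.resource.segment) grants nothing; the
    #    role mapping must allow it explicitly.
    if not (req.subject.roles & req.resource.allowed_roles):
        return Decision.DENY
    # 2. Restricted data is never served to an unmanaged or non-compliant
    #    device, even when the credentials are valid (leaked-credential case).
    if req.resource.sensitivity >= 3 and not (req.device.managed and req.device.compliant):
        return Decision.DENY
    # 3. Compare the current trust score with what the resource demands.
    score, need = trust_score(req), REQUIRED_TRUST[req.resource.sensitivity]
    if score >= need:
        return Decision.ALLOW
    # 4. A small shortfall caused by stale MFA is answered with step-up rather
    #    than a hard deny; anything else falls through to the default.
    if need - score <= 10 and req.subject.mfa_age_s > 8 * 3600:
        return Decision.STEP_UP
    return Decision.DENY


def session_decisions(req: Request, device_updates: list) -> list:
    """Continuous evaluation: decide again on every request in a session,
    applying each posture-signal change (a dict of Device fields) before the
    next decision, so a device that falls out of compliance mid-session loses
    access on its next request instead of keeping a long-lived grant."""
    decisions = [evaluate(req)]
    for change in device_updates:
        for field_name, value in change.items():
            setattr(req.device, field_name, value)
        decisions.append(evaluate(req))
    return decisions


if __name__ == "__main__":
    # Constructed sample data, not taken from any real environment.
    payroll = Resource("payroll", 3, frozenset({"finance"}), "seg-finance")
    alice = Subject("alice", frozenset({"finance"}), mfa_age_s=600)
    laptop = Device("lt-001", managed=True, compliant=True, posture_age_s=300)
    print(session_decisions(Request(alice, laptop, payroll, "seg-finance"),
                            [{"compliant": False}]))   # ALLOW, then DENY
```

The value of the example is in the negative cases: the same valid credentials presented from an unmanaged device are denied outright, a user with no role mapping is denied even when already inside the application's segment, and a device that fails its posture check halfway through a session is refused on its next request. Step-up is reserved for the narrow case where the only missing signal is a stale MFA, which is what keeps the friction low for normal users while still challenging anomalies.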

Machine learning can strengthen ZTA’s continuous evaluation by scoring the risk of each access from behavioural and device signals and feeding that score into dynamic policy enforcement, which makes the resulting defence more adaptive. Done well, this also improves the user experience, since low-risk access proceeds without friction while step-up checks are reserved for anomalies, and it simplifies policy management. A cloud-delivered ZTA additionally improves scalability and ease of adoption.

Implementing ZTA

According to Gartner, 60% of organizations will embrace ZTA as a starting point for security by 2025. However, the approach requires a cultural shift in thinking and communication, as it is not a single technology,…

Source…