(Image: toodtuphoto via Adobe Stock)
Zero trust sounds so harsh. But real cybersecurity results can come from the harsh-sounding scheme that defines every relationship as fraught with danger and mistrust. Zero-trust security is a common topic of discussion in cybersecurity circles these days, but understanding it goes beyond the name. The simple-sounding strategy comprises several key components.
No Soft, Chewy CenterThe classic network model was described as a hard shell surrounding a soft center. The idea was that perimeter security would be so effective that nothing could get through to the network assets inside. The problem with the model is obvious.
No perimeter can be 100% effective 100% of the time. People began to ask, "How do we protect networks when the assumption must be that attackers will get inside the perimeter?" The answer? More perimeters.
And "zero trust" was the label, coined by John Kindervag, now field CTO at Palo Alto Networks, when he was vice president and principal analyst at Forrester Research.
A Perimeter in Every PotWhat if every network segment, every application, and every critical data resource was its own perimeter requiring authentication? Attackers who made it through the external network perimeter might be limited in the damage they could do,because they could not get into important network and data resources.
In order to make an attacker's job as difficult as possible, authentication requirements can divide the network into many small regions -- a process known as microsegmentation. Each of the segments can be ..
Support the originator by clicking the read the rest link below.
