The widespread adoption of public cloud services and the growth of the mobile workforce have rendered perimeter-based security models obsolete. An organization’s applications and data are likely to exist both inside the traditional firewall and beyond it. Security and IT teams can no longer assume that users and their devices (both personal and corporate) on the network are any safer than those on the outside. Perimeter controls do little to prevent an attacker from moving laterally on the network after gaining initial access to it.
What’s needed is a pivot to “boundaryless”security, known more commonly as Zero Trust. In a Zero Trust model, all users and devices—both inside and outside the corporate network—are deemed untrustworthy. Access is granted based on a dynamic evaluation of the risk associated with each request. The same security checks are applied to all users, devices, applications, and data every time.
Getting to a Zero Trust model can take years of effort and require collaboration across the enterprise. If you are committed to deploying a Zero Trust model, or even if you’re just considering it, here are 10 tips to help make your journey a bit smoother.
No comments:
Post a Comment