One Article Review

Source AlienVault Blog
Identifier 1945212
Publication date 2020-09-29 05:01:00 (seen: 2020-09-29 05:13:41)
Title Zero Trust Architecture explained
Text This blog was written by a third party author.

With the increase in frequency, sophistication, and cost of cyberattacks, the global focus on cybersecurity is at an all-time high. However, the goalposts for those tasked with protecting businesses have shifted. Hackers have a growing number of ways they can compromise a business and are frequently looking to move laterally within an organization, using credentialed (and often elevated) access. On top of this, insider threats are on the rise, where trusted users take advantage of their access for nefarious purposes.

This means that the tried-and-tested concept of perimeter-based security and defenses (where anything located on the corporate network is assumed to be trusted) is no longer enough. Security teams need to shift their thinking from the perimeter to the authentication and access of resources. This means looking at methods of both restricting access and monitoring access requests to ensure those utilizing the environment are doing so appropriately. This is where a Zero Trust Architecture comes in.

What is Zero Trust Architecture?

Zero Trust Architecture should be a core part of a company’s cybersecurity planning, combining identity, access policy, authentication, and more. The concept of Zero Trust is “never trust, always verify”, which effectively means assuming that all devices and users represent a potential threat and cannot be trusted until they can be properly authenticated. Once authenticated, users are allowed access only to the bare minimum they need to perform their job efficiently. Therefore, if a device (or user account) is compromised, Zero Trust aims to ensure that the damage is either mitigated (by not allowing access) or, at worst, is limited in scope.

The concept of Zero Trust has been growing over the past decade; however, the challenge has been implementing it without sacrificing user experience and productivity. Zero Trust Architecture relies heavily on some critical capabilities, namely identity management, asset management, application authentication, network segmentation, and threat intelligence. The technologies needed to achieve these were once only available to larger organizations but are now readily available in the mainstream.

How can an organization implement Zero Trust Architecture?

Successfully implementing a Zero Trust Architecture means going beyond rolling out a series of integrated tools and technologies, which are supported by a set of operational policies and authentication requirements. This has to be a strategic initiative that supports the formation of the Zero Trust architecture outside of a tool and technologies acquisition. The latter should outline what Zero Trust will look like as it relates to authorization to specific resources both on-premises and in the cloud, as well as how Zero Trust technologies will interact with data, threat intelligence, public key infrastructure, identity management, and vulnerability management systems.

Once this foundation has been established, companies can determine how further to define their Zero Trust Architecture; for example, using software-defined perimeters, micro-segmentation, by identity, or a combination thereof.

In terms of setting user policy, understanding accountability, authority, and capability is critical to establishing the level of trust of an individual user. The implementation of a trust algorithm can involve a score-based approach, as well as a contextual approach or an approach involving certain criteria that must first be met.

When it comes to rolling out the technology to support your Zero Trust environment, it’s advisable to run a pilot program first. This will allow you to get the kinks out, adjust KPIs and teach you how to operate in a ZTA overall with limited impact to your business. Pilot programs should focu
Sent Yes
Tags Tool Vulnerability Threat


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.