The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice to navigate the process.
Modern infrastructure are complex environments that combine multiple technologies and that are exposed to sophisticated cyber threats.
A Zero-Trust security model eliminates implicit trust in any entities inside or outside the perimeter of an organization, instead, it recommends implementing authorization and authentication for any processes within the company.
“Zero Trust is a security model, a set of system design principles, and coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries.” reads the document published by the “This security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information fed from multiple sources to determine access and other system responses.”
This security model assumes a data-centric security approach and is based on security monitoring and granular risk-based access controls. The model applies the concept of least-privileged access for every resource and decision.
The adoption of this approach for modern dynamic threat environment requires:
For example, adopting a strong multi-factor authentication of users for Zero Trust environments, can reduce the risk of a data breach.
The implementation of this model could be a gradual process that requires additional resources, capabilities, and a strong commitment of the executives.
“NSA recommends embracing the Zero Trust security model when considering how to integrate Zero Trust concepts into an existing environment.” concludes the document. “Zero Trust efforts should be planned out as a continually maturing roadmap, from initial preparation to basic, intermediate, and advanced stages, with cybersecurity protection, response, and operations improving over time.”
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, cybersecurity)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.