{"id":16719,"date":"2019-10-29T09:00:31","date_gmt":"2019-10-29T17:00:31","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/10\/29\/news-10458\/"},"modified":"2019-10-29T09:00:31","modified_gmt":"2019-10-29T17:00:31","slug":"news-10458","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/10\/29\/news-10458\/","title":{"rendered":"Improve security with a Zero Trust access model"},"content":{"rendered":"

Credit to Author: Todd VanderArk| Date: Tue, 29 Oct 2019 16:00:48 +0000<\/strong><\/p>\n

Zero Trust is a security model that I believe can begin to turn the tide in the cybersecurity battles. Traditional perimeter-based network security has proved insufficient because it assumes that if a user is inside the corporate perimeter, they can be trusted. We\u2019ve learned that this isn’t true. Bad actors use methods like password spray and phishing to take advantage of a workforce that must remember too many usernames and passwords. Once behind the corporate firewall, a malicious user can often move freely, gaining higher privileges and access to sensitive data. We simply can\u2019t trust users based on a network as the control plane.<\/p>\n

The good news is that there is a solution. Zero Trust is a security strategy<\/a> that upends the current broad trust model. Instead of assuming trustworthiness, it requires validation at every step of the process. This means that all touchpoints in a system\u2014identities, devices, and services\u2014are verified before they are considered trustworthy. It also means that user access is limited to only the data, systems, and applications required for their role. By moving from a model that assumes trust to one that requires verification, we can reduce the number and severity of security breaches.<\/p>\n

You can begin implementing a Zero Trust access model now. Expect this to be a multi-year process, but with every action, you\u2019ll make incremental progress that improves your security posture. Start with implementing Multi-Factor Authentication (MFA) to better protect your identities and then develop a phased plan to address identity access, device access, and network access. This is the approach that Microsoft has taken.<\/p>\n

Take a look at our Zero Trust access model implementation plan<\/a> for more ideas on how to structure each phase. You can also look at my advice on preparing your organization for passwordless<\/a> for tips on better securing your identities.<\/p>\n

We are on this journey together. I will continue to share insights and advice in the coming months and years.<\/p>\n