If your network has a perimeter, it will someday be breached. That's both the lesson the "real world" works so hard to teach and the premise behind a key security model: zero trust.
"Don't trust, and verify" might be a nutshell description of the zero trust model — "don't trust" because no user or endpoint within the network is considered intrinsically secure, and "verify" because each user and endpoint accessing any resources of the network must authenticate and be verified at every point, not just at the perimeter or large network segment boundaries.
This often-repeated authentication throughout the network and application infrastructure relies on the concept of "microsegmentation," in which boundaries are defined around individual applications and logical network segments. This kind of frequent check point can go a long way toward putting an end to lateral infection in malware outbreaks, and it doesn't have to be as cumbersome to users as it sounds — as long as technology is used to deal with some of the logins and authentications along the way.
While the concept behind the zero trust model is simple, implementation can be anything but. Before a company decides to invest in the technology and processes, it should understand what is involved in the model and its application. Dark Reading has identified seven issues to resolve before launching into a zero trust environment.
If you have helped your organization move to a zero trust environment, we'd like to hear about your experience. Do you agree with our list? DId you find other issues more important? Let us know in the comments, below.
(Image: whyframeshot VIA Adobe Stock)