50 likes | 116 Vues
The Zero Trust Model was developed by John Kinervag in 2010 and has become one of the mainstream buzzwords around information security. This model helps prevent potential data breaches by placing the least amount of trust in a network and system architecture of an organization, and by ensuring that all components trying to connect to the system are verified before access is granted.<br>For more information visit us at: https://www.foxpass.com/zero-trust-model
E N D
Principles of the Zero Trust Model www.foxpass.com
Zero Trust Model Deploy the Least Privilege Model Log Everything Authenticate and Verify Access User access must be limited to allow them access only to the resources they need to do their job. By limiting each user's access, you can limit attackers from gaining access to all resources of the organization with a single compromised account. Another aspect of the Zero Trust Model, which also aligns with several security compliances is logging. The model’s definition implies that everything ranging from network calls, access requests, file access, email, etc. The Zero Trust Model does not trust anyone from within or outside of the company. Hence, one of its main principles is to ensure verified authentication and access to all organizational resources
The Architecture of the Zero Trust Model Zero Trust Data Zero Trust Network Zero Trust People One of the most important aspects of the Zero Trust Model is the data. Since data is the main target for an insider as well as outsider attackers, it is the most important part of the Zero Trust architecture that must be secured. Since people are the weakest link in security, they must be monitored, limited and their access should be managed strictly. People should not be trusted in the Zero Trust Model and must be verified and checked at all available instances. Networks are used to steal data, hence this is another component that must be segmented, isolated, and restricted with firewalls.
How to Deploy the Zero Trust Model? Following the Zero Trust Model is not about deploying policies and creating architecture once, but it is about constant monitoring, maintaining, and updating the model as time passes. Make sure to identify new sensitive aspects of the infrastructure, update policies according to the new transaction flows, and maintain the Zero Trust environment at all costs. Map how user access takes place, how the workflow occurs, and what can be done to ensure that the Zero Trust Model is incorporated into the generic system workflow.Create well-written policy documents that incorporate all the Zero Trust Model principles.
Contact US www.foxpass.com +1 415-805-6350 neel@foxpass.com