NIST's guidance for a Zero Trust Architecture

Recent AD News

National Security Agency asks organizations to embrace the Zero-Trust security model

The National Security Agency (NSA) has released Cybersecurity Information Sheet: Embracing a Zero Trust Security Model, which provides information about, and recommendations for, implementing Zero Trust within networks.

The Zero Trust security model is a set of IT system design principles and a cybersecurity strategy based on the fact that threats exist both inside and outside traditional network boundaries. Zero Trust challenges the fact that the users, devices, and network components should be automatically trusted based on their location within the network.

The Zero Trust model revolves around comprehensive security monitoring – a mixture of granular, dynamic, and risk-based access control in order to focus specifically on protecting critical data. This security model follows the concept of least privileged access to be applied to every permission decision, where the answers to the questions of who, what, when, where, and how are critical for appropriately allowing or denying access to resources. Implementing zero trust takes time and effort, but it doesn’t necessarily have to be done all at once. Many organizations can incorporate certain zero-trust concepts into their existing framework.

Related posts
Recent AD News

Automate access decisions with risk-based contextual authentication

Recent AD News

2020 recorded the highest number of CVE’s to ever be reported

Recent AD News

Microsoft announces Azure Best Practices and Launches Conditional Access Enhancements

Recent AD News

Accellion Zero-Days Responsible for Recent Data Theft and Extortion Attacks

Leave a Reply

Your email address will not be published. Required fields are marked *