TIPS FOR IMPLEMENTING ZERO TRUST – TAKING TRUST AWAY FROM SECURITY
Matthew Heap , Head of Solution Architecture , APJ for Rackspace Technology , advises tech leaders how to get their bearings with Zero Trust as they start to think about how they might implement .
hether it ’ s between
W leaders , managers and workers , vendors and customers , or companies and regulators , trust lowers the barriers to co-operation and keeps things moving smoothly .
Still , most businesses – and people – recognise that to be too trusting too soon can be a serious disadvantage .
For one emerging network security model , any trust at all is too much . We ’ re talking about Zero Trust , an approach to security that ’ s experienced skyrocketing interest this past year as enterprises have seen their traditional network perimeters stretched perilously thin by mass remote working and expansion to public cloud and SaaS applications .
In simple terms , Zero Trust means ‘ never trust , always verify ’. Zero Trust has become a hot topic for executives since remote access rapidly expanded due to COVID-19 and there was an increase in adversaries looking to exploit remote users and computers .
Never trusting and always verifying is more rigourous , proactive and responsive than just building perimeter defences to keep malicious actors out of networks , multi-cloud workloads and applications , along with remote access from anywhere on any device , perimeter-based trust models are increasingly failing to provide appropriate safeguards .
In 2020 , Forrester predicted that Asia Pacific will finally catch up on Zero Trust adoption . Although Zero Trust adoption in Asia Pacific has lagged behind its global peers , the acceleration of cloud adoption and an explosion in remote work as well as changing regulations and consumer behaviours make it ripe for change . Forrester anticipates that at least one government in Asia Pacific will embrace a Zero Trust cybersecurity framework in 2021 .
Matthew Heap , Head of Solution Architecture , APJ for Rackspace Technology
Yet for all its rewards , Zero Trust implementation is a complicated endeavour . Apart from the technical challenges , success depends on engaging and activating multiple stakeholders from across the business and providing a lot of user hand-holding .
This article will help tech leaders get their bearings with Zero Trust as they start to think about how they might implement it themselves .
Exploring the technical aspects of Zero Trust
In practical terms , effective Zero Trust implementation requires not just technology , but also policy and process . It ’ s not a switch which IT teams can flip or a product or service that they can buy , but it does require a blend of tooling distinct from that used in traditional perimeter-based security .
Wrapped around these solutions are strict policies defining which users and devices can access which resources ; there can be no more free and open access . Defining these policies and enabling their implementation can be a heavy lift . It requires the understanding of application workflows and dependencies , but there are automation and AI-based solutions to ease some of the burden and the benefit to both security and operations is
74 www . intelligentciso . com