itSMF Bulletin April 2022 | Page 6

distributed work environment due to the pandemic that started in 2020.

Zero Trust architecture therefore requires organizations to continuously monitor and validate that a user and their device have the right privileges and attributes. It also requires enforcement of policy that incorporates the risk of the user and device, along with compliance or other requirements, prior to permitting the transaction. It requires that the organization know all of its service and privileged accounts and can establish controls over what they connect to and from where. One-time validation simply won't suffice, because threats and user attributes are all subject to change.

As a result, organizations must ensure that all access requests are continuously vetted before access is granted to any enterprise or cloud asset. That's why enforcement of Zero Trust policies relies on real-time visibility into hundreds of user and application identity attributes, such as:

· User identity and type of credential (human, programmatic)
· Credential privileges on each device
· Normal connections for the credential and device (behavior patterns)
· Endpoint hardware type and function
· Geo location
· Firmware versions
· Authentication protocol and risk
· Operating system versions and patch levels
· Applications installed on endpoint
· Security or incident detections, including suspicious activity and attack recognition

The use of analytics must be tied to trillions of events, broad enterprise telemetry, and threat intelligence, to ensure better algorithmic AI/ML model training, for hyper-accurate policy response. Organizations should thoroughly assess their IT infrastructure and potential attack paths to contain attacks and minimize the impact if a breach should occur. This can include segmentation by device types, identity, or group functions. For example, suspicious protocols such as RDP or RPC to the domain controller should always be challenged or restricted to specific credentials.
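The two ideas above, a policy decision that combines the listed user and device attributes into a risk-based allow/challenge/deny outcome, and continuous re-evaluation when an attribute changes mid-session, can be made concrete in a small policy engine. The following is an added example written for this article, not code from itSMF or any Zero Trust product: the attribute names, risk weights, thresholds, the `DC_ADMIN_ALLOWLIST` of credentials permitted to use RDP/RPC against a domain controller, and all sample users, devices and hosts are constructed for illustration.

```python
from dataclasses import dataclass, replace

ALLOW, CHALLENGE, DENY = "allow", "challenge", "deny"

# Hypothetical allow-list: the only credentials permitted to reach a domain
# controller over RDP or RPC (the article's "restricted to specific credentials").
DC_ADMIN_ALLOWLIST = {"alice.admin", "svc-dcadmin"}


@dataclass(frozen=True)
class AccessRequest:
    """Inputs to one access decision, mirroring the attribute list in the article.
    Field names are this example's own, not any product's schema."""
    user: str
    credential_type: str        # "human" or "programmatic"
    privileged: bool            # credential holds admin rights on the device
    device_compliant: bool      # OS/firmware patched, endpoint agent healthy
    auth_protocol: str          # "mfa", "password", "ntlm", ...
    geo: str                    # country of the sign-in
    usual_geos: frozenset       # behaviour baseline: where this credential normally signs in
    usual_targets: frozenset    # behaviour baseline: what it normally connects to
    target: str                 # host or application being requested
    target_role: str            # "domain_controller", "web_app", "file_server", ...
    protocol: str               # "https", "rdp", "rpc", "smb", ...
    active_detections: int      # open suspicious-activity alerts on this user or device


def score_risk(req):
    """Additive risk score (constructed weights) plus the reasons behind it."""
    score, reasons = 0, []
    if not req.device_compliant:
        score += 40; reasons.append("device not compliant")
    if req.auth_protocol != "mfa":
        score += 20; reasons.append(f"weak authentication: {req.auth_protocol}")
    if req.geo not in req.usual_geos:
        score += 20; reasons.append(f"sign-in from unusual location: {req.geo}")
    if req.target not in req.usual_targets:
        score += 10; reasons.append(f"connection outside baseline: {req.target}")
    if req.active_detections:
        score += 30 * req.active_detections
        reasons.append(f"{req.active_detections} open detection(s)")
    if req.privileged:
        score += 10; reasons.append("privileged credential")
    return score, reasons


def evaluate(req):
    """Policy decision for one request: hard rules first, then risk thresholds."""
    # Hard rule from the article: RDP/RPC to a domain controller is restricted
    # to specific credentials, and even those are challenged without MFA.
    if req.target_role == "domain_controller" and req.protocol in {"rdp", "rpc"}:
        if req.user not in DC_ADMIN_ALLOWLIST:
            return DENY, [f"{req.protocol} to domain controller not allowed for {req.user}"]
        if req.auth_protocol != "mfa":
            return CHALLENGE, ["domain controller admin access requires MFA"]
    score, reasons = score_risk(req)
    if score >= 60:
        return DENY, reasons
    if score >= 30:
        return CHALLENGE, reasons
    return ALLOW, reasons


def reevaluate(req, **changed):
    """Continuous verification: re-run policy when any attribute changes mid-session
    (a detection fires, the device drops out of compliance, the location changes)."""
    return evaluate(replace(req, **changed))


# Constructed sample requests (not real users, devices or hosts).
BASELINE = AccessRequest(
    user="bob.analyst", credential_type="human", privileged=False,
    device_compliant=True, auth_protocol="mfa", geo="DE",
    usual_geos=frozenset({"DE"}), usual_targets=frozenset({"crm.internal"}),
    target="crm.internal", target_role="web_app", protocol="https",
    active_detections=0,
)
ROAMING_PASSWORD = replace(BASELINE, geo="BR", auth_protocol="password")
SERVICE_TO_DC = replace(BASELINE, user="svc-backup", credential_type="programmatic",
                        target="dc01.internal", target_role="domain_controller",
                        protocol="rdp")
ADMIN_TO_DC = replace(SERVICE_TO_DC, user="alice.admin", privileged=True,
                      usual_targets=frozenset({"dc01.internal"}))

if __name__ == "__main__":
    for name, req in [("baseline", BASELINE), ("roaming+password", ROAMING_PASSWORD),
                      ("service->DC", SERVICE_TO_DC), ("admin->DC", ADMIN_TO_DC)]:
        print(f"{name:18} {evaluate(req)}")
    # A session granted under 'baseline' is re-checked the moment an alert opens.
    print("baseline after alert", reevaluate(BASELINE, active_detections=1))
```

The baseline request is allowed with zero risk, the same user signing in from an unusual country with only a password is challenged, the backup service account is denied RDP to the domain controller outright, and the allow-listed admin is let through with MFA but challenged without it. The `reevaluate` call shows why one-time validation is not enough: the already-granted baseline session moves to a challenge as soon as one detection opens against the user or device, and to a denial if the device also falls out of compliance.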

More than 80% of all attacks involve credential use or misuse in the network. With constant new attacks against credentials and identity stores, additional protections for credentials and data extend to email security, secure web gateway (SWG) and cloud access security broker (CASB) providers. This helps ensure greater password security, integrity of accounts, adherence to organizational rules, and avoidance of high-risk shadow IT services.

EXPERT TIP

The term “Zero Trust” was coined by Forrester Research analyst and thought leader John Kindervag, and follows the motto “never trust, always verify.” His ground-breaking point of view was based on the assumption that risk is an inherent factor both inside and outside the network.

Zero Trust Use Cases

Zero Trust, while described as a standard for many years, has increasingly been formalized as a response to securing digital transformation and to the range of complex, devastating threats seen in the past year.

While any organization can benefit from