Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
Looking for an Understandable Definition of Zero Trust Security?
August 17, 2021
CrowdStrike published an excellent post on this topic on May 6 – which I only just caught up with.
Best to read the whole thing (and a nice graphic too), but let me give a couple of excerpts:
“Zero Trust is a security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. Zero Trust assumes that there is no traditional network edge; networks can be local, in the cloud, or a combination or hybrid with resources anywhere as well as workers in any location.”
“Execution of this framework combines advanced technologies such as multi factor authentication, identity and access management (IAM), identity protection, and next-generation endpoint security technology to verify the user’s identity and maintain system security. Zero Trust extended also requires consideration of encryption of data, securing email, and verifying the hygiene of assets and endpoints before they connect to applications.”
“Zero Trust architecture therefore requires organizations to continuously monitor and validate that a user and their device has the right privileges and attributes. It requires that the organization know all of their service and privileged accounts and can establish controls about what and where they connect. One-time validation simply won’t suffice because threats and user attributes are all subject to change.”
Hopefully, this is enough to whet your appetite to read the entire post, especially for those who seriously want to understand Zero Trust Security!
Hat tip to Dave Ries.
Notice: The new RSS feed for Ride the Lightning is https://senseient.com/feed/?post_type=ride-the-lightning for those that wish to subscribe in a reader.
Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology