摘要: Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.
▲圖片標題(來源:Ton Snoei via Alamy Stock Photo)
Zero trust is the latest buzzword thrown around by security vendors, consultants, and policymakers as the panacea to all cybersecurity problems. Some 42% of global organizations say they have plans in place to adopt zero trust. The Biden administration also outlined the need for federal networks and systems to adopt a zero-trust architecture. At a time when ransomware continues to make headlines and break new records, could zero trust be the answer to ransomware woes? Before we answer this question, let's first understand zero trust and its core components.
What Is Zero Trust?
The concept of zero trust has been around awhile and is most likely an extension of least privilege access. Zero trust helps to minimize the lateral movement of attackers (i.e., techniques used by intruders to scout networks) through the principle of "never trust, always verify." In a zero-trust world, there is no implicit trust granted to you (regardless of where you're logging in from or the resources you are trying to access) just because you're behind the corporate firewall. Only authorized individuals gain access to select resources as needed. The idea is to shift the focus from a perimeter-based (reactive) approach to a data-centric (proactive) one.
Core Components of Zero Trust
To effectively implement zero trust, organizations must understand its three core components:
Read the full article on Dark Reading
轉貼自: Information Week
若喜歡本文,請關注我們的臉書 Please Like our Facebook Page: Big Data In Finance
留下你的回應
以訪客張貼回應