Zero Trust is rapidly becoming the security model of choice among IT leaders as it is a valid and trusted approach to identity security. With a more intentional method for security and privileged access management, Zero Trust’s mantra of “never trust, always verify” differs from the least privileged model.
A Zero Trust model has defined core tenets per NIST SP800-207. These tenets help vendors design solutions so that technology users can adopt services that enable them to implement the security model in an efficient and predictable way.
The Seven Core Tenets Defined:
- All data sources and computing services are considered resources.
- All communication is secured regardless of network location.
- Access to individual enterprise resources is granted on a per-session basis.
- Access to resources is determined by dynamic policy — including the observable state of client identity, application/service, and the requesting asset — and may include other behavioural and environmental attributes.
- The enterprise monitors and measures the integrity and security posture of all owned and associated assets.
- All resource authentication and authorization are dynamic and strictly enforced before access is allowed.
- The enterprise collects as much information as possible about the current state of assets, network infrastructure and communications and uses it to improve its security posture.
Download this whitepaper by One Identity for more information: https://www.oneidentity.com/DTAsia_ZeroTrust_WP
DT Asia became One Identity’s value-added distributor in 2018 with One Identity’s acquisition of Balabit, a company that DT Asia had been working with since 2009, with customers from the government, financial and healthcare industries.