Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
7 Steps for Navigating a Zero-Trust Journey
Don't think of zero trust as a product. Think of it as "how you actually practice security."
Few technology concepts have been more confused and distorted as zero trust. The Biden administration has endorsed zero trust. The security industry has endorsed it. Yet security pros are still left wondering whether it’s a concept and philosophy – or simply a product a company can install?
Vendors continue to muddy the waters by talking about their “zero-trust solution,” but as Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, explains: “Think of zero trust as a way to operate the business in a secure way. It’s about how you actually practice security. There may be products with zero-trust-like features, but all you’ve done is implement a feature that applies a zero-trust principle.”
So for this feature we talked to security pros, and they all agree: Zero trust is not a product a security team can purchase and install. While tools like single sign-on (SSO), multi-factor authentication (MFA), and identity management enable zero trust, it’s important to view zero trust as a move away from perimeter security based on firewalls and to a modern approach that uses cloud-based mobile authentication tools that let people securely work from anywhere.
The following seven tips offer a road map for understanding the shift in mindset and what companies need to start their zero-trust journey.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024