With so many breaches occurring worldwide and so many organizations and consumers being impacted, IT admins are shifting their attention to a zero trust security model. This concept has been around for a few years, but as digital assets become increasingly difficult to protect, the zero trust security approach is picking up serious traction.
Layered Security is Protection of the Past
Fundamentally, dramatic changes in the IT network are driving this new approach to security. In the past, IT organizations worked with digital assets from the core of their network and then placed rings of security around those assets. This approach was often termed “defense in depth” or “layered security,” and the basic premise was that an attacker would need to penetrate through multiple layers of security—network, application, host, and data for example—in order gain access to the most critical digital assets.
This defense-in-depth approach made sense when the network was on-prem and largely Windows-based. The first ring of defense was a frontline of solutions to control access to the network, such as Microsoft Active Directory® (MAD), firewalls, domain controllers, and more. The second ring of defense restricted access to particular sets of data and applications, and was tightly controlled by the directory service or identity provider. Lastly, if an attacker made it through those, various endpoint management and server management security tools existed to protect the host, operating in tandem with encryption tools for the data. All of these rings worked in concert to create the layered security model.
The Need for a Zero Trust Security Model
Nowadays, networks are no longer on-prem and Windows®-based, and the security model is shifting to reflect this. With the elimination of the network perimeter and critical digital assets living in a wide variety of systems provided by various providers, the concept of security must change. Top that off with the Internet café-style WiFi model and a mobile workforce, and it makes a lot of sense that the zero trust security model is “poised to transform enterprise networking.”
This new approach takes the zero trust model and (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by George Lattimore. Read the original post at: https://jumpcloud.com/blog/zero-trust-security-model/