The concept of a zero trust architecture in today’s IT environment is steadily gaining traction. Reports of security breaches are a near-everyday occurrence, so it only makes sense that IT admins would begin exploring new, innovative approaches for keeping their IT networks secure. You don’t need to be an IT admin to see that traditional models for security have broken down, but often, it’s not because these models were bad or poorly constructed. Mainly, it’s because the IT landscape has shifted so dramatically around them.
After surveying the widespread panic caused by security breaches, most IT admins would agree that a zero trust architecture is a viable strategy. The challenge now is, of course, how do IT organizations implement zero trust architecture effectively from their current position?
From Castles to the Cloud
For IT security over the last two decades, the fundamental concept has been to protect the most critical digital assets by storing them at the core of the organization. From this centerpiece, rings of security are placed around the most critical digital assets with things like encryption, host intrusion detection, file integrity monitoring, firewalls, network intrusion detection, VPNs, and much more. Like a maze or a castle with walls and a moat, a hacker would need to find a way through that deterring combination of security solutions to get to the core.
As mentioned previously, however, the IT landscape has been shifting, and two sequences started to unfold. First off, hackers realized an alternate route into the core by changing their plan of attack, redirecting their efforts towards stealing users’ credentials instead. By having a set of keys to all of the locks, hackers were able to bypass any of the moats and mazes for security, and just walk across the drawbridge, so to speak. IT admins saw this and began to realize that identity security was perhaps the most critical area to focus on going forward.
The next development involved the structure of IT organizations in general, as critical data was no longer being stored exclusively at the center. Now, data was being stored and accessed everywhere: (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by George Lattimore. Read the original post at: https://jumpcloud.com/blog/zero-trust-architecture/