Inner Circle Podcast Episode 017 – Andy Smith Discusses Zero Trust Privilege in the Modern Threatscape
Podcast: Play in new window | Download
Who can you trust? More importantly, how far should that trust extend? Andy Smith, VP of Product Marketing for Centrify, joins me on this episode of the Inner Circle podcast to talk about zero trust privilege.
We talk about the reality of the threat landscape and the fact that attackers generally log in with compromised or stolen credentials. From a traditional authentication perspective, the attacker appears as “legitimate”, and–without additional protection–would have free reign to any assets or data the actual owner of the compromised or stolen credentials has access to.
Zero trust security–or zero trust privilege–takes authentication to the next level. It is a combination of the concept of least privilege access and user behavior analysis to consistently monitor activity and verify the credentials of the individual as the individual moves about the network and access different resources.
It’s crucial for organizations to understand that whether an attack is external or internal, it is most likely going to be executed with verified access using legitimate network credentials. Zero trust privilege raises the bar from standard authentication, or even two-factor authentication or least privilege access to provide stronger access management to guard against these attacks.
*** This is a Security Bloggers Network syndicated blog from Security – TechSpective authored by Tony Bradley. Read the original post at: https://techspective.net/2019/01/05/inner-circle-podcast-episode-017-andy-smith-discusses-zero-trust-privilege-in-the-modern-threatscape/
