Zero Trust is a new concept to many but one I believe will be of increasing importance over the coming years. With this post, I wanted to introduce newcomers to the concept, talk about why it’s an exciting approach to improving security, and explore how you can leverage File Integrity Monitoring (FIM) and Security Configuration Management (SCM) tools like Tripwire Enterprise (TE) to assist you on your Zero Trust (ZT) journey.

What is Zero Trust?

First off – let’s start with a definition.

ZT takes the approach that just because your devices or users are behind a corporate firewall, you can’t let your guard down, even a little. The reality is that every new device or user connection is a potential source of risk, and ZT encourages you to react accordingly. If you treat every interaction on your LAN as if it could be a potential source of, or indeed the result of, a breach, the security mandate to apply verification and tracking becomes just as critical for “trusted” users and devices as it is for your traditional untrusted networks.

Once we start to think of all interactions as unverified, our security focus has to move towards controls that ensure all requests are authenticated and secured (via encryption, for example) before access can be granted to corporate resources. Security intelligence and analytics must then be used so that responses are targeted: they need to provide accurate detection, verify authorization, and offer ways to respond to suspicious behavior in real time.

So what does that mean in real life, and how can you tool up to support a Zero Trust approach inside your network? Zero Trust can be built on a number of key fundamentals, but perhaps the most important are the three items outlined in Microsoft’s (Read more...)