Wednesday, November 3, 2021

Software-defined perimeter is a good place to start a rollout of Zero Trust network access

Zero Trust relies on continuously re-authorizing users, applications, and devices to establish myriad “perimeters of one” in the environment, but the name isn’t quite accurate.

Zero Trust doesn’t literally mean zero trust; it means zero implicit trust. You—whether that means a person, or a software or hardware system—are not to be trusted simply by virtue of where you are on the network; there is no network perimeter within which you are automatically trusted to connect to services. And you are not to be trusted now just because you were trusted when you first gained access to the network; gaining admission once is not the same thing as ongoing trust. And you are not to be trusted to make the new service connection you are trying to make now just because you were trusted to make the previous one.

To read this article in full, please click here


Thanks to John Burke (see source)

No comments:

Post a Comment