BleepingComputer reports that new maturity guidance for the zero-trust network and environment pillar has been unveiled by the National Security Agency to curb network compromise.
Important to achieving zero trust in the network and environment component are data flow mapping, which entails proper data storage and processing; macro segmentation, which involves the establishment of network areas to limit lateral network movement; micro segmentation, which warrants user, app, and workflow isolation to minimize attack surfaces; and software-defined networking, which allows tailored micro segmentation controls, according to the NSA guidance, which detailed four different maturity levels for each of the components.
"The network and environment pillar isolates critical resources from unauthorized access by defining network access, controlling network and data flows, segmenting applications and workloads, and using end-to-end encryption," said the NSA. Such a development comes nearly a year after the agency's unveiling of maturity guidance for the zero-trust framework's user component and more than three years after the initial zero-trust framework guide was released.
