Clearing up the confusion over zero-trust | SC Media
Zero trust

Clearing up the confusion over zero-trust

October 26, 2021
The Biden administration has been pushing for the security industry to adopt the zero-trust concept. Today’s columnist, Ashok Sankar of ReliaQuest, offers some insight into how security organizations can get started. (Photo by Kevin Dietsch/Getty Images)
  • Better visibility: Too many organizations lack visibility and experience blind spots. With zero-trust, organizations and resources are continuously monitored so security teams know exactly who accesses what and their state so vetting takes place continuously.
  • Improved security: Since entities are vetted continuously on their privilege to connect and remain connected, any deviations will trigger non-compliance and the entity being disconnected, ultimately bolstering security across the organization.
  • Shared responsibility: In the traditional security environment, the onus of protection has been primarily on IT and security teams, driving up enterprise costs and resource needs. With zero-trust, the employee has the responsibility to ensure they access corporate assets within set parameters.
  • Efficient IT management: For effective and efficient security, zero-trust dictates the use of automation capabilities. Organizations can do the activities and tasks, such as evaluating an access request, verification against attributes, or implementing a rule through automation. Orchestration of workflows help drive efficiencies further. 
  • Extend protection at scale to remote workers:  The pandemic has taught us that VPNs are not the most effective when it comes to remote work. Additionally, current security practices do not effectively account for the proliferation of cloud and mobile devices. Zero-trust, when properly implemented, can alleviate these challenges.
  • Cost savings: Traditional IT security has been built with a defined enterprise perimeter in mind that has made it very difficult to accommodate new technologies like cloud and mobile. Zero-trust helps simplify security practices without diluting them, and removes many of the burdens IT teams face today with traditional security.
  • Reduced attack surface: Since zero-trust focuses on securing enterprise resources and not on an enterprise perimeter, controls are focused on resource-specific access.
prestitial ad