Nitin Rajput
Short bio about author here Lorem ipsum dolor sit amet consectetur. Vitae donec tincidunt elementum quam laoreet duis sit enim. Duis mattis velit sit leo diam.
Tags
Share this article
5/18/24
Published
In today’s evolving threat landscape, Zero Trust Architecture has emerged as a significant security framework for organizations. One influential model in this space is the Zero Trust Model, attributed to John Kinderbag. Inspired by Kinderbag’s model, we explore how our advanced solution can effectively align with the principles of Zero Trust.
Let’s dive into the key points of mapping the Zero Trust Model with AlgoSec’s solution, enabling organizations to strengthen their security posture and embrace the Zero Trust paradigm.
My approach of mapping Zero Trust Model with AlgoSec solution is based on John Kinderbag’s Zero Trust model (details) which being widely followed, and I hope it will help organizations in building their Zero trust strategy.
Firstly, let’s understand what Zero trust is all about in a simple language. Zero Trust is a Cybersecurity approach that articulates that the fundamental problem we have is a broken trust model where the untrusted side of the network is the evil internet, and the trusted side is the stuff we control. Therefore, it is an approach to designing and implementing a security program based on the notion that no user or device or agent should have implicit trust. Instead, anyone or anything, a device or system that seeks access to corporate assets must prove it should be trusted.
The primary goal of Zero Trust is to prevent breaches. Prevention is possible. In fact, it’s more cost effective from a business perspective to prevent a breach than it is to attempt to recover from a breach, pay a ransom, and the deal with the costs of downtime or lost customers.
As per John Kinderbag, there are Four Zero Trust Design Principles and Five-Step Zero Trust Design Methodology.
The Four Zero Trust Design Principles:
The first and the most important principle of your Zero Trust strategy is know “What is the Business trying to achieve?”. Second, start with DAAS (Data, Application, Asset and Services) elements and protect surfaces that need protection and design outward from there. Third, determine who needs to have access to a resource in order to get their job done, commonly known as least privilege. Fourth, all the traffic going to and from a protect surface must be inspected and logged for malicious content.