What is the Zero Trust Model (ZTM)

-
The Zero Trust Model of information security simplifies how information security is conceptualized by assuming there are no longer “trusted” interfaces, applications, traffic, networks, or users. It takes the old model— “trust but verify”—and inverts it, because recent breaches have proven that when an organization trusts, it doesn’t verify [6].

This model requires that the following rules be followed [6]:


All resources must be accessed in a secure manner.
Access control must be on a need-to-know basis and strictly enforced.
Systems must verify and never trust.
All traffic must be inspected, logged, and reviewed.
Systems must be designed from the inside out instead of the outside in.


The zero-trust model has three key concepts:





 


Ensure all resources are accessed securely regardless of location.
Adopt a least privilege strategy and strictly enforce access control.
Inspect and log all traffic.


“Outside-In” to “Inside-Out” Attacks

According to a Forrester Research report, information security professionals should readjust some widely held views on how to combat cyber risks. Security professionals emphasize strengthening the network perimeter, the report states, but evolving threats—such as increasing misuse of employee passwords and targeted attacks—mean executives need to start buffering internal networks. In the zero-trust security model, companies should also analyze employee access and internal network traffic. One major recommendation of ...


Read More on Datafloq

Comments

Post a Comment

Popular posts from this blog

Underwater Autonomous Vehicles Helping Navy Get More for the Money 

-
Image
By AI Trends Staff     As the  US Navy  strives to get to a 355-ship fleet by 2034, part of a 30-year plan the Navy outlined in 2019, it is finding it economical to use underwater autonomous vehicles. They meet many of the requirements of larger submarines at a fraction of the cost.     For example, the Navy awarded Boeing a $43-million contract to build four Orca Extra Large Unmanned Undersea Vehicles (XLUUVs) last year, described in a release from  USNI News .      Boeing based its winning Orca XLUUV design on its Echo Voyager unmanned diesel-electric submersible. The 51-foot-long submersible is launched from a pier and can operate autonomously while sailing up to 6,500 nautical miles without being connected to a manned mother ship, according to the Navy.   In military spending terms, the versatility of the Orca at the price is “fairly unheard of in military spending,” according to an account in  The National Interest . ...
Read more

Canada regulator seeks information from public on Rogers-Shaw deal

-
(Reuters) - A Canadian regulator on Tuesday asked for information from the public on telecom company Rogers Communications Inc's planned C$20 billion ($16 billion) purchase of Shaw Communications Inc to check for competition concerns. The deal announced in March to create Canada's second-largest cellular and cable operator has attracted regulatory scrutiny. The Competition Bureau said in August it obtained court orders to advance its review. The regulator on Tuesday asked market participants and Canadians to come forth with information that could assist the regulator's probe on whether the deal will reduce or prevent competition. The Competition Bureau said its review was ongoing and no conclusions have been made. ... Read More on Datafloq
Read more