ZERO TOLERANCE
ZERO TRUST ARCHITECTURE
Tuğçe ARSLAN
The Zero Trust Architecture (ZTA) has made a lot of noise in the cybersecurity world,
primarily due to a recent issue. In that order, the Zero Trust Architecture (ZTA) is
cited as one of the best practices for modernizing Federal Government cybersecurity.
It is a method of designing the cybersecurity infrastructure of an organization’s
network based on the Zero Trust Architecture (ZTA) Model. At its core, Zero Trust
Architecture (ZTA) operates on the principle that there is no implicit trust given to
any part of a network. The Zero Trust Architecture (ZTA) Model was developed to reduce
the potential attack threat and increase the security posture.
Network security generally deals with access. Gaining access to a resource requires
users to prove their identity by showing their credentials, thereby achieving the
network’s trust. The traditional “fort and moat” approach to security relies on
establishing perimeter defenses where these credentials are checked and access is
allowed once verified. However, this practice poses potential security threats.
In the Zero Trust Architecture (ZTA) Model, every network request should be treated as
if the network had been compromised, and even simple requests should be treated as a
potential threat. As a result, multi-factor authentication and authorization are
required before a session can be started or any access allowed. Also, when an
authenticated user requests access to a new resource, their credentials need to be
rechecked. This approach helps limit lateral movement when there is a threat inside the
network and helps to quickly detect, identify and neutralize threats coming from the
outside or inside the network.
The total transformation of an organization’s IT systems to implement a Zero Trust
Architecture (ZTA) is complex. Instead, organizations should continually improve their
security posture in small and simple steps. Also, migrating existing services to the
new architecture is often more costly than designing new services from scratch.
Therefore, it may be an excellent strategy to implement new services, especially
cloud-based ones, according to Zero Trust Architecture (ZTA) principles.
anumak.ai
Zero Trust Architecture (ZTA) is a data-centric approach because it focuses on
protecting the network’s assets rather than its segments. A critical factor for
implementing Zero Trust Architecture (ZTA) should be to identify the resources that
need protection and the best method to protect them. Data must be protected at rest and
in transit, so encryption, especially PKI, is the cornerstone of Zero Trust
Architecture (ZTA) implementation. Data collection on the efficiency of the policies
implemented and user behavior is also critical in creating a dynamic system that can
adapt to cybersecurity’s ever-changing environment.
As the Zero Trust Architecture (ZTA) develops and matures rapidly, the concept of Zero
Trust Architecture (ZTA) is explained in different dimensions for different situations.
However, based on the Zero Trust Architecture (ZTA) approach:
•	 Network locality is not sufficient to decide trust in a network.
•	 External and internal threats are always present on the network.
•	 Every device, user, and network flow must be authenticated and authorized.
•	 Policies should be dynamic and calculated from as many data sources as possible.
Integration of IoT devices into IT networks is quite common nowadays. However, this
integration of IoT devices comes with its own set of problems. These devices are not
known for high security standards, thus putting the entire network at risk of
unauthorized breach. Zero Trust Architecture (ZTA) is a policy implemented to counter
this new vulnerability.
Design Principles of Zero Trust Architecture (ZTA)
•	 Know your architecture, including users, devices, and data:
In other cases, you can identify your purchases by following a non-technical procedure
such as querying procurement records.
It is also essential to know what data is stored in your environment, its location, and
its sensitivity.
•	 Evaluate user behavior, service, and device health:
•	 Focus on monitoring users, devices, and services:
In a Zero Trust Architecture (ZTA), your monitoring strategy will likely change to
focus on users, devices, and services. Monitoring your devices, services, and user
behavior will help you build your cyber health.
Tracking must be done on the device and exported via a secure transfer to a central
location. User behavior, such as regular working hours or standard working location, is
another critical metric to monitor. It is also essential to have visibility of your
services and to understand the interaction between users and their data. This
information can be used as a signal, along with any observed abnormal activity, by a
policy engine to make an access decision.
You should know what devices, users, and services are doing and what data they access.
Your monitoring should link back to the policies you set and verify that they are
implemented as you expect.
•	 Do not trust any network, including your own:
Do not trust any network between the device and the service it is accessing, including
the local network. Communication over a network to access data or services must use a
secure transport such as TLS. In addition, the device must be configured to prevent
attacks found on a local network.
•	 Know your user, service, and device IDs:
An identity can represent a user (human), service (software process), or device. Each must
be uniquely identifiable in Zero Trust Architecture (ZTA). This is one of the most critical factors in
deciding whether to grant someone or something access to data or services.
These unique IDs are a series of signals that feed a policy engine that uses this information
to make access decisions.
Completing a discovery exercise is an essential first step towards allocating a single identity
resource to your users, services, and devices.
•	 Authenticate and authorize everyone:
When assessing the risk associated with access requests.
MFA is a requirement for Zero Trust Architecture (ZTA).
This does not mean that the user experience has to be poor. On the contrary, powerful MFA
can be achieved with a good user experience on modern devices and platforms.
•	 Use policies to authorize requests:
Policies can also help facilitate risk-managed sharing of data or services with guest
users or partner organizations.
Use product–managed services and protocols that support a continuous authentication and
authorization process.
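The signals named in these principles (unique user and device identity, device health, secure transport, MFA, working hours and location, data sensitivity) can be combined in a small policy engine that decides each request on its own. The Python below is an added example, not part of the original paper; the inventories, thresholds and the names `AccessRequest`, `decide` and `sample_request` are assumptions made for illustration.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# All inventories and thresholds below are constructed sample data.
RESOURCE_SENSITIVITY = {"wiki": "low", "payroll-db": "high"}
DEVICE_OWNER = {"laptop-0042": "alice"}            # device ID -> user ID
USER_BASELINE = {"alice": {"hours": range(8, 19), "locations": {"Istanbul"}}}
MFA_MAX_AGE = {"low": timedelta(hours=8), "high": timedelta(minutes=15)}
ANOMALY_MFA_MAX_AGE = timedelta(minutes=2)         # abnormal behaviour forces a recheck


@dataclass(frozen=True)
class AccessRequest:
    user_id: str
    device_id: str
    resource: str
    when: datetime
    mfa_verified_at: Optional[datetime]
    device_healthy: bool
    transport_tls: bool
    location: str
    source_network: str    # recorded for monitoring only, never an input to trust


def behaviour_anomalies(req: AccessRequest) -> List[str]:
    """Compare the request with the user's monitored baseline."""
    base = USER_BASELINE[req.user_id]
    found = []
    if req.when.hour not in base["hours"]:
        found.append("outside regular working hours")
    if req.location not in base["locations"]:
        found.append("unusual working location")
    return found


def decide(req: AccessRequest) -> Tuple[str, List[str]]:
    """Return ("allow" | "step_up" | "deny", reasons); anything unknown is denied."""
    sensitivity = RESOURCE_SENSITIVITY.get(req.resource)
    if sensitivity is None:
        return "deny", ["resource not in inventory"]
    if req.user_id not in USER_BASELINE:
        return "deny", ["unknown user identity"]
    if DEVICE_OWNER.get(req.device_id) != req.user_id:
        return "deny", ["device not registered to this user"]
    if not req.transport_tls:
        return "deny", ["no secure transport"]
    if not req.device_healthy:
        return "deny", ["device failed health check"]

    anomalies = behaviour_anomalies(req)
    if sensitivity == "high" and len(anomalies) >= 2:
        return "deny", anomalies

    # Credentials are rechecked per resource: sensitive data and abnormal
    # behaviour both shorten how long an earlier MFA check stays acceptable.
    max_age = ANOMALY_MFA_MAX_AGE if anomalies else MFA_MAX_AGE[sensitivity]
    if req.mfa_verified_at is None:
        return "step_up", anomalies + ["no MFA on record"]
    age = req.when - req.mfa_verified_at
    if age < timedelta(0) or age > max_age:
        return "step_up", anomalies + ["MFA too old for this resource"]
    return "allow", anomalies


NOW = datetime(2022, 6, 1, 10, 0)                  # constructed timestamp


def sample_request(**overrides) -> AccessRequest:
    """Constructed baseline request; keyword arguments override single signals."""
    base = AccessRequest(
        user_id="alice", device_id="laptop-0042", resource="payroll-db",
        when=NOW, mfa_verified_at=NOW - timedelta(minutes=5),
        device_healthy=True, transport_tls=True,
        location="Istanbul", source_network="external",
    )
    return replace(base, **overrides)


if __name__ == "__main__":
    for label, req in [
        ("baseline", sample_request()),
        ("internal network, no TLS", sample_request(source_network="internal",
                                                    transport_tls=False)),
        ("MFA two hours old", sample_request(mfa_verified_at=NOW - timedelta(hours=2))),
    ]:
        print(label, "->", decide(req))
```

Being on the internal network changes nothing in `decide`, while a missing TLS transport or an unhealthy device denies the request regardless of where it comes from.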
ANUMAK & COMPANY
aNumak & Company is a global management consulting firm, an India private company
limited by warranty. It is a company with expertise in creating scalable business models for
different industry verticals. The Company strives to provide solutions through consulting, digital
transformation, and innovative products that solve modern business problems. Offering on–
site and offshore support and unique strategies, aNumak & Company transforms traditional
business models into high–performance, dynamic, and distinctive business enterprises.
It brings insights from core domain experts to deliver the best possible solutions to drive
growth. aNumak & Company and each of its member firms are legally separate and
independent entities. For more detailed information about aNumak & Company and its
member companies, please visit https://www.anumak.com
This material was prepared by aNumak & Company. This material (including any information
it contains) is intended to provide general information on a particular topic(s). This material
may contain information obtained from publicly available information or other third–party
sources. aNumak & Company does not independently verify such sources and is not
responsible for any loss resulting from reliance on information obtained from such sources.
aNumak & Company does not provide any investment, legal, or other professional advice or
services through this material. You should seek specific advice from the relevant
specialist(s) for such services. This material or information is not intended to be considered
the sole basis for any decision that could affect you, your business, or the operations of the
company. Before making any decision or taking any action that could affect your finances or
business, you should consult a professional.
No institution at aNumak & Company can be held responsible for any loss suffered by any
person or institution due to access to, use, or reliance on this material. By using this material or
any information it contains, the user accepts the entirety of this notice and the terms of use.
©2022 aNumak & Company
CONTACTS
Amith Kumar
Chief Executive Officer,
aNumak & Company
amith@anumak.com
Neha Anush
Chief Operating Officer,
aNumak & Company
neha.anush@anumak.com
Cesibel Rodriguez
Chief Branding Officer,
aNumak & Company
cesi@anumak.com
Ricky Devaya
Chief Human Resource Officer – India,
aNumak & Company
ricky@anumak.com
Vilas Khole
Chief Delivery Officer – India,
aNumak & Company
vilas@anumak.com
Karthik Reddy
Chief Sales Officer – UAE,
aNumak & Company
karthik@anumak.in
Iván Muñiz Rothgiesser
Sales Director,
aNumak & Company
ivan@anumak.com
aNumak & Company
marketing@anumak.com
Pr@anumak.in - info@anumak.com
CONTRIBUTORS
Gino Mori Valenzuela
Client Partner – Retail,
aNumak & Company
gino@anumak.in
Diana Marcela Rios
Client Partner – Retail,
aNumak & Company
diana@anumak.in
Víctor Freundt
Client Partner – Education,
aNumak & Company
victor@anumak.in
Agyemang Mensah Kwadwo
Graphic Designer,
aNumak & Company
agyemang@anumak.in
Author: Tuǧçe ARSLAN
arslan@anumak.in