Uploaded byOkta-Inc
PPTX, PDF2,807 views

What is Zero Trust

Zero Trust is a security model that requires verification of every individual accessing resources, treating all users and devices as untrusted until verified. As traditional network perimeters dissolve due to mobile and cloud technologies, organizations must implement access controls based on contextual need, ensuring all access is authenticated, authorized, and encrypted. The approach focuses on identity-driven security, emphasizing centralized identity management and continuous risk assessment.

Embed presentation

Downloaded 176 times
What is Zero Trust?
In the past, organizations protected themselves by putting a perimeter around their network.
© Okta and/or its affiliates. All rights reserved. Okta Confidential 3 Network Perimeter Enforced by Firewalls TRUSTED UNTRUSTED Everyone inside the network was trusted. Everyone outside the network was not.
That was problematic, because if a hacker breached the network, they had access to everything inside of the company: including its most highly sensitive data.
Mobile + cloud have dissolved the perimeter Result: We can no longer assume people in the network should be trusted PEOPLE Employees Contractors Partners Suppliers Customers DATA Infrastructure Applications Platforms APIs
PEOPLE Employees Contractors Partners Suppliers Customers DATA Infrastructure Applications Platforms APIs Today, we need a perimeter around every person who accesses data in an organization. Contextual Access Result: Organizations should require access controls based on individual need and context
“Never trust, always verify” In a Zero Trust World
Secure access All resources are accessed in a secure manner, regardless of your location. Control access Each person is granted access on a need-to-know basis Inspect + log traffic Security + IT teams inspect + log all traffic to verify users are doing the right thing at the right time The Key Concepts of Zero Trust: #1 #2 #3
Zero Trust has evolved over time 2009 2011 2013 2015 2017 2019 2009: Forrester Zero Trust is born 2018: Releases ZTX Framework 2014: Google BeyondCorp research published 2017: Gartner CARTA published • Connecting from a particular network must not determine which services you can access • Access to services is granted based on understanding of you and your device • All access to services must be authenticated, authorized and encrypted Continuous Adaptive Risk and Trust Assessment
Workloads Data Networks People Devices Data People Networks WorkloadsDevices When people are the perimeter, identity becomes the platform for Zero Trust Forrester’s Zero Trust Extended Ecosystem (ZTX)
© Okta and/or its affiliates. All rights reserved. Okta Confidential Identity-driven security 1 Centralize identity and access control via single sign-on 1 Ensure strong authentication across all services, everywhere 2 Reduce your attack surface through automated provisioning and deprovisioning 3 Enable visibility, assurance and control over API resources 4 Integrate across the Zero Trust ecosystem
Learn more about the role of identity in Zero Trust at Okta.com/ZeroTrust

More Related Content

PDF
Zero Trust Model Presentation
byGowdhaman Jothilingam
 
PDF
NIST Zero Trust Explained
byrtp2009
 
PPTX
Zero Trust Network Access
byEr. Ajay Sirsat
 
PPTX
Zero trust deck 2020
byGuido Marchetti
 
PPTX
What is zero trust model (ztm)
byAhmed Banafa
 
PPTX
Understanding Zero Trust Security for IBM i
byPrecisely
 
PPTX
Zero Trust Framework for Network Security​
byAlgoSec
 
PDF
Zero trust in a hybrid architecture
byHybrid IT Europe
 
Zero Trust Model Presentation
byGowdhaman Jothilingam
 
NIST Zero Trust Explained
byrtp2009
 
Zero Trust Network Access
byEr. Ajay Sirsat
 
Zero trust deck 2020
byGuido Marchetti
 
What is zero trust model (ztm)
byAhmed Banafa
 
Understanding Zero Trust Security for IBM i
byPrecisely
 
Zero Trust Framework for Network Security​
byAlgoSec
 
Zero trust in a hybrid architecture
byHybrid IT Europe
 

What's hot

PPTX
Zero trust Architecture
byAddWeb Solution Pvt. Ltd.
 
PPTX
Zero Trust
byBoaz Shunami
 
PDF
Microsoft Zero Trust
byDavid J Rosenthal
 
PPSX
Zero-Trust SASE DevSecOps
byAraf Karsh Hamid
 
PPTX
Adopting A Zero-Trust Model. Google Did It, Can You?
byZscaler
 
PPTX
Zero Trust Model
byYash
 
PPTX
The Zero Trust Model of Information Security
byTripwire
 
PPTX
Identity's Role in a Zero Trust Strategy
byOkta-Inc
 
PPTX
Cloud Security
byAWS User Group Bengaluru
 
PDF
Succeeding with Secure Access Service Edge (SASE)
byCloudflare
 
PDF
Introduction to MITRE ATT&CK
byArpan Raval
 
PDF
Threat Modeling Using STRIDE
byGirindro Pringgo Digdo
 
PDF
When Insiders ATT&CK!
byMITRE ATT&CK
 
PPTX
Putting MITRE ATT&CK into Action with What You Have, Where You Are
byKatie Nickels
 
PPTX
Why Zero Trust Architecture Will Become the New Normal in 2021
byCloudflare
 
PDF
Cloud security
byBikashPokharel3
 
PPTX
Cyber kill chain
byAnkita Ganguly
 
PDF
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
byIvanti
 
PPTX
kill-chain-presentation-v3
byShawn Croswell
 
PPTX
Zero trust for everybody: 3 ways to get there fast
byCloudflare
 
Zero trust Architecture
byAddWeb Solution Pvt. Ltd.
 
Zero Trust
byBoaz Shunami
 
Microsoft Zero Trust
byDavid J Rosenthal
 
Zero-Trust SASE DevSecOps
byAraf Karsh Hamid
 
Adopting A Zero-Trust Model. Google Did It, Can You?
byZscaler
 
Zero Trust Model
byYash
 
The Zero Trust Model of Information Security
byTripwire
 
Identity's Role in a Zero Trust Strategy
byOkta-Inc
 
Cloud Security
byAWS User Group Bengaluru
 
Succeeding with Secure Access Service Edge (SASE)
byCloudflare
 
Introduction to MITRE ATT&CK
byArpan Raval
 
Threat Modeling Using STRIDE
byGirindro Pringgo Digdo
 
When Insiders ATT&CK!
byMITRE ATT&CK
 
Putting MITRE ATT&CK into Action with What You Have, Where You Are
byKatie Nickels
 
Why Zero Trust Architecture Will Become the New Normal in 2021
byCloudflare
 
Cloud security
byBikashPokharel3
 
Cyber kill chain
byAnkita Ganguly
 
Cybersecurity Insiders Webinar - Zero Trust: Best Practices for Securing the...
byIvanti
 
kill-chain-presentation-v3
byShawn Croswell
 
Zero trust for everybody: 3 ways to get there fast
byCloudflare
 

Similar to What is Zero Trust

PPTX
Zero Trust: Redefining Security in the Digital Age
byArnold Antoo
 
PDF
Zero Trust Network Security- A Modern Approach to Cyber Defense (1).pdf
byjvinay0898
 
PPTX
Zero Trust Architecture Zero Trust ArchitectureZero Trust ArchitectureZero Tr...
byMohammadShamsuddin16
 
PDF
Zero Trust Network Security- A New Era of Cyber Defense.pdf
byjvinay0898
 
PPTX
Zero Trust and Data Security
byCareer Communications Group
 
PDF
The 1st Step to Zero Trust: Asset Management for Cybersecurity
bynathan-axonius
 
PPTX
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
byMaganathin Veeraragaloo
 
PDF
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
bynull - The Open Security Community
 
PDF
Moving to an endpoint centric zero trust security model
byAdamAzrylJohan
 
PDF
Zero Trust Best Practices for Kubernetes
byNGINX, Inc.
 
PDF
How Zero Trust Makes the Mission Simple & Secure
byscoopnewsgroup
 
PPTX
The Importance of Zero Trust Security in Modern.pptx
byissahakukuwerej
 
PDF
Understanding Zero Trust Network Security_ A Comprehensive Guide.pdf
byshitolesonam7
 
PDF
BATbern48_How Zero Trust can help your organisation keep safe.pdf
byBATbern
 
PDF
What is the Zero Trust Security Model, How Does It Work, and Why Is It Import...
byDina G
 
PDF
zero trust - how to build zero trust.pdf
byAliAlwesabi
 
PPTX
SEMINAR ghajkakqkqkvnnkamsmAJAY PPT.pptx
byprasanna212623
 
PDF
Zero trust architecture and MIS.pdf
byCentral Pattana Public Company Limited (CPN)
 
PPTX
microsoft-cybersecurity-reference-architectures (1).pptx
byGenericName6
 
PDF
Fortifying Cybersecurity_ The Imperative of Zero Trust Network Access
byNitel USA
 
Zero Trust: Redefining Security in the Digital Age
byArnold Antoo
 
Zero Trust Network Security- A Modern Approach to Cyber Defense (1).pdf
byjvinay0898
 
Zero Trust Architecture Zero Trust ArchitectureZero Trust ArchitectureZero Tr...
byMohammadShamsuddin16
 
Zero Trust Network Security- A New Era of Cyber Defense.pdf
byjvinay0898
 
Zero Trust and Data Security
byCareer Communications Group
 
The 1st Step to Zero Trust: Asset Management for Cybersecurity
bynathan-axonius
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
byMaganathin Veeraragaloo
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
bynull - The Open Security Community
 
Moving to an endpoint centric zero trust security model
byAdamAzrylJohan
 
Zero Trust Best Practices for Kubernetes
byNGINX, Inc.
 
How Zero Trust Makes the Mission Simple & Secure
byscoopnewsgroup
 
The Importance of Zero Trust Security in Modern.pptx
byissahakukuwerej
 
Understanding Zero Trust Network Security_ A Comprehensive Guide.pdf
byshitolesonam7
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
byBATbern
 
What is the Zero Trust Security Model, How Does It Work, and Why Is It Import...
byDina G
 
zero trust - how to build zero trust.pdf
byAliAlwesabi
 
SEMINAR ghajkakqkqkvnnkamsmAJAY PPT.pptx
byprasanna212623
 
Zero trust architecture and MIS.pdf
byCentral Pattana Public Company Limited (CPN)
 
microsoft-cybersecurity-reference-architectures (1).pptx
byGenericName6
 
Fortifying Cybersecurity_ The Imperative of Zero Trust Network Access
byNitel USA
 

More from Okta-Inc

PDF
5 Top Enterprises Making IAM a Priority
byOkta-Inc
 
PPTX
Webauthn Authentication
byOkta-Inc
 
PPTX
Webauthn Registration
byOkta-Inc
 
PDF
Okta Digital Enterprise Report
byOkta-Inc
 
PDF
Pre-built, Secure Identity Layer for Consumer Websites, B2B Portals and SaaS ...
byOkta-Inc
 
PDF
Company and Market Overview
byOkta-Inc
 
PDF
Extending Active Directory to Box for Seamless IT Management
byOkta-Inc
 
PDF
Avoiding the Hidden Costs of Active Directory Federation Services (AD FS)
byOkta-Inc
 
5 Top Enterprises Making IAM a Priority
byOkta-Inc
 
Webauthn Authentication
byOkta-Inc
 
Webauthn Registration
byOkta-Inc
 
Okta Digital Enterprise Report
byOkta-Inc
 
Pre-built, Secure Identity Layer for Consumer Websites, B2B Portals and SaaS ...
byOkta-Inc
 
Company and Market Overview
byOkta-Inc
 
Extending Active Directory to Box for Seamless IT Management
byOkta-Inc
 
Avoiding the Hidden Costs of Active Directory Federation Services (AD FS)
byOkta-Inc
 

Recently uploaded

PDF
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
PDF
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
PPTX
Installing Python in Visual Studio Code
bydabydcatahanibmcom
 
PDF
Lost Android Phone Recovery_ Steps That Work Fast.pdf
byIsabella Reed
 
PDF
The Ultimate Guide to Real Estate Tokenization Platforms
byDaniel Smith
 
PDF
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
PPTX
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
PDF
Taxi App UIUX Design for Seamless Ride Booking
byV3CUBE TECHNOLABS
 
PDF
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
PDF
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
PPTX
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
PDF
Ecommerce Website Development Services - Web Panel Solutions.pdf
byWEB PANEL SOLUTIONS
 
PDF
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 
PDF
The Modern Architect's Codex: Design Patterns in .NET 9
byVineet Sharma
 
PDF
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
PDF
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
PPTX
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
PPTX
Data Skills for Business Analysts: What You Need to Succeed
byScott W. Ambler
 
PDF
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
PDF
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
HuemanAI Platform Overview.pptx (1) (2).pdf
byAnkur Handoo
 
Installing Python in Visual Studio Code
bydabydcatahanibmcom
 
Lost Android Phone Recovery_ Steps That Work Fast.pdf
byIsabella Reed
 
The Ultimate Guide to Real Estate Tokenization Platforms
byDaniel Smith
 
Doctor On Call App Development for Digital Healthcare.
byV3CUBE TECHNOLABS
 
Pitch Deck for MEVIA OS - No Apps, Infinite, Decentralized Operating System
byDr. Edwin Hernandez
 
Taxi App UIUX Design for Seamless Ride Booking
byV3CUBE TECHNOLABS
 
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
SAP ERP to SAP S_4HANA Cloud Private Edition Delta Scope
bychuck78
 
40m_wAIred_DigitalPlatformRabobank_10022026.pptx
bySimonedeGijt
 
Ecommerce Website Development Services - Web Panel Solutions.pdf
byWEB PANEL SOLUTIONS
 
MySQL Routing Guidelines: Designing Smarter Query Routing Together
byMiguel Araújo
 
The Modern Architect's Codex: Design Patterns in .NET 9
byVineet Sharma
 
Introduction to Modern Artificial Intelligence.pdf
byAI n Dot Net
 
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
Data Skills for Business Analysts: What You Need to Succeed
byScott W. Ambler
 
JFokus 2026 - Please pass the salt- Serve up passwords with a side of entropy...
byOrtus Solutions, Corp
 
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 

What is Zero Trust

  • 1.
  • 2.
    In the past,organizations protected themselves by putting a perimeter around their network.
  • 3.
    © Okta and/orits affiliates. All rights reserved. Okta Confidential 3 Network Perimeter Enforced by Firewalls TRUSTED UNTRUSTED Everyone inside the network was trusted. Everyone outside the network was not.
  • 4.
    That was problematic,because if a hacker breached the network, they had access to everything inside of the company: including its most highly sensitive data.
  • 5.
    Mobile + cloudhave dissolved the perimeter Result: We can no longer assume people in the network should be trusted PEOPLE Employees Contractors Partners Suppliers Customers DATA Infrastructure Applications Platforms APIs
  • 6.
    PEOPLE Employees Contractors PartnersSuppliers Customers DATA Infrastructure Applications Platforms APIs Today, we need a perimeter around every person who accesses data in an organization. Contextual Access Result: Organizations should require access controls based on individual need and context
  • 7.
    “Never trust, alwaysverify” In a Zero Trust World
  • 8.
    Secure access All resourcesare accessed in a secure manner, regardless of your location. Control access Each person is granted access on a need-to-know basis Inspect + log traffic Security + IT teams inspect + log all traffic to verify users are doing the right thing at the right time The Key Concepts of Zero Trust: #1 #2 #3
  • 9.
    Zero Trust hasevolved over time 2009 2011 2013 2015 2017 2019 2009: Forrester Zero Trust is born 2018: Releases ZTX Framework 2014: Google BeyondCorp research published 2017: Gartner CARTA published • Connecting from a particular network must not determine which services you can access • Access to services is granted based on understanding of you and your device • All access to services must be authenticated, authorized and encrypted Continuous Adaptive Risk and Trust Assessment
  • 10.
    Workloads Data Networks People Devices Data People Networks WorkloadsDevices When peopleare the perimeter, identity becomes the platform for Zero Trust Forrester’s Zero Trust Extended Ecosystem (ZTX)
  • 11.
    © Okta and/orits affiliates. All rights reserved. Okta Confidential Identity-driven security 1 Centralize identity and access control via single sign-on 1 Ensure strong authentication across all services, everywhere 2 Reduce your attack surface through automated provisioning and deprovisioning 3 Enable visibility, assurance and control over API resources 4 Integrate across the Zero Trust ecosystem
  • 12.
    Learn more aboutthe role of identity in Zero Trust at Okta.com/ZeroTrust

Editor's Notes

  • #3 Zero Trust is the security framework developed by John Kindervag in 2009 while he was at Forrester Research
  • #4  the old way assumes a trusted network protected by the network perimeter And an untrusted network outside the perimeter where the bad guys live. This security model is problematic because, when that perimeter is breached, an attacker has relatively easy access to a company’s privileged intranet
  • #5 Zero Trust is the security framework developed by John Kindervag in 2009 while he was at Forrester Research
  • #6  , as modern organizations adopt mobile and cloud technologies, the perimeter is becoming increasingly difficult to enforce Effectively there is no longer a “perimeter” around your sensitive assets Employees, contractors, partners, suppliers all accessing that data from across the traditional perimeter, representing potential threats. The result is that you can no longer assume trust across any part of the IT stack
  • #8 Key concepts: Never trust, always verify All resources are accessed in a secure manner, regardless of location. Access control is on a “need-to-know” basis and is strictly enforced Inspect and log all traffic to verify users are doing the right thing Led to next generation firewall
  • #9 Key concepts: Never trust, always verify All resources are accessed in a secure manner, regardless of location. Access control is on a “need-to-know” basis and is strictly enforced Inspect and log all traffic to verify users are doing the right thing Led to next generation firewall
  • #12 Identity represents a critical control point in today’s modern work environments. With a diverse and mobile workforce, use of personal devices, and data residing outside of an organization’s premises, identity becomes the new perimeter. This requires a new identity-led security strategy focused on: Centralizing identity and access control using single sign-on [Click] Ensuring strong authentication everywhere using MFA [Click] Reducing the attack surface through automated provisioning and deprovisioning using lifecycle management [Click] And visibility, assurance and control over API resources through API Access Management. [Click] All while enabling rapid response to compromise by integrating into your security ecosystem.