#2: Zero Trust

Verifying identities from the core to the edge and beyond

The more an organization’s workforce spreads outward and away from a centralized location, the more blurred the lines become between internal “trusted” entities and external “untrusted” entities. In short, not every user with the right system credentials has legitimate access privileges to internal assets.

That’s why Zero Trust authentication solutions are surging in popularity. Zero Trust assumes there is no traditional network edge—that networks can be local, in the cloud, or a combination or hybrid with resources anywhere as well as workers in any location.

With a Zero Trust framework, all users and devices—whether inside or outside the organization’s network—must be authenticated and continuously validated before gaining or retaining access to applications and data. Access decisions are based on contextual attributes such as user identity, time of day, location, device type, and more.

Adding up to Zero Trust

While there is no single silver bullet for a Zero Trust approach and 100% Zero Trust is unachievable for most, organizations can adopt several tools to advance toward their goals, including:

Microsegmentation: Creates network segments based on data sensitivity and traffic control between segments
Identity & Access Management: Uses single sign-on, multi-factor authentication, and privileged access management controls for strong authentication across cloud platforms and internal systems
Secure Access Service Edge (SASE): Brings together wide area networking and network security services into a single, cloud-delivered service model with complete session protection, regardless of whether a user is on or off the corporate network
Data Classification: Enables the linking of security levels with specific types of data, regardless of where it resides
Data Loss Prevention: Reduces data loss at the endpoint, the greatest area of risk, by monitoring and managing the flow of cloud-based and on-premises sensitive data and providing control points for implementing Zero Trust policies
Zero Trust Network Access/Software-Defined Perimeter: Grants access to users and devices on a “need-to-know” basis and connects users to private applications without placing them on the network or exposing apps to the internet

⁴Research firm Markets and Markets
⁵Microsoft Zero Trust Adoption Report