Implementing a Zero Trust Architecture

March 18, 2020

Traditional network security has focused on perimeter defenses: once inside the network perimeter, users are often given broad access to a number of corporate resources. This means malicious actors can come from inside as well as outside the network. Moreover, the growth in cloud computing and in the number of remote workers raises the complexity of protecting an organization’s digital resources because more points of entry, exit, and data access exist than ever before.

Organizations are being forced to rethink the traditional network security perimeter. A zero trust architecture (ZTA) addresses this trend by focusing on protecting resources, not network perimeters, as the network location is no longer viewed as the prime component of the security posture of the resource.

Zero trust is a set of cybersecurity principles used to create a strategy that moves network defenses from wide, static network perimeters to a narrower focus on users, systems, and individual or small groups of resources. A ZTA uses zero trust principles to plan and protect an enterprise infrastructure and workflows. By design, a ZTA environment embraces the notion of no implicit trust toward systems and users regardless of their physical or network locations (i.e., local area networks versus the internet). Hence, a ZTA never grants access to resources until a user and device are thoroughly verified by reliable authentication and authorization.

This document defines a National Cybersecurity Center of Excellence (NCCoE) project to help organizations design for zero trust. This project will produce an example implementation of a ZTA that is designed and deployed according to the concepts and tenets documented in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-207, Zero Trust Architecture.

Price: FREE

TOPICS

Cybersecurity, Network Security, zero trust