So what is Zero Trust? In college, I worked at a bank when I came home for holidays or the summer. I was a rotating teller, so I was always at different branches.
Once, an elderly gentleman came to my window to cash a check. I greeted him nicely and asked for his identification to cash the large check drawn from his account. He began yelling and throwing a fit, saying he had been banking there for 30 years.
I calmly explained that I was new and didn’t know him, and that I was trying to protect him by ensuring I wasn’t giving his money to someone else. Another teller vouched for him, having known him as a customer for many years. I wanted to ask him if he knew me, then explain that if he didn’t, how should I know him? But alas, common sense is not so common sometimes.
Implementing a Zero Trust model in your organization’s network involves a similar approach.
Users should be required to prove their identity before they are allowed to enter the system. This can be done via multi-factor authentication and by ensuring passwords are changed regularly. Verifying user identity must be mandatory whenever a user accesses the network.
A policy of ‘least privilege’ or role-based access control should also be implemented. Only allow access to the information that a user needs to perform their job. In the intel community, this is referred to as “need-to-know.”
Another method for zero trust is network segmentation. This involves dividing your infrastructure into subnetworks. This ensures that only those who need specific information are granted access and deters lateral movement across the network by nefarious actors (i.e., bad guys).
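To make the three controls above concrete, here is an added example (not code from Commonwealth Sentinel) of a default-deny access decision that checks identity, role and network segment on every request. The role names, resource names and segment names are constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed sample policy: role -> the only resources that role needs for its job.
ROLE_GRANTS = {
    "teller": {"accounts:read", "checks:cash"},
    "auditor": {"accounts:read", "audit-log:read"},
}
# Constructed segmentation map: resource -> the one subnetwork allowed to reach it.
RESOURCE_SEGMENT = {
    "accounts:read": "branch-net",
    "checks:cash": "branch-net",
    "audit-log:read": "audit-net",
}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    password_ok: bool        # first factor verified for this request
    second_factor_ok: bool   # second factor verified for this request
    source_segment: str      # subnetwork the request arrived from
    resource: str

def decide(req: Request) -> tuple[bool, str]:
    """Return (allowed, reason). Every check must pass; anything unknown is denied."""
    # 1. Identity is proven on every access, never assumed from a past visit.
    if not (req.password_ok and req.second_factor_ok):
        return False, "identity not verified"
    # 2. Least privilege: the role must explicitly grant this resource.
    if req.resource not in ROLE_GRANTS.get(req.role, set()):
        return False, "role lacks need-to-know"
    # 3. Segmentation: the request must originate in the resource's own subnetwork.
    if RESOURCE_SEGMENT.get(req.resource) != req.source_segment:
        return False, "wrong network segment"
    return True, "allowed"

if __name__ == "__main__":
    # Constructed request: a known user who skipped the second factor is still refused.
    print(decide(Request("pat", "teller", True, False, "branch-net", "checks:cash")))
```

The checks run in a fixed order and the function only returns "allowed" when all three pass, so a missing role or an unmapped resource falls through to a denial.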
On a side note, whenever you are asked for your identification when using a credit card or for any such transaction, thank the person for protecting you.
Commonwealth Sentinel is here to help you navigate the ever-evolving and growing cyber security threats we all face. We can evaluate your existing IT security and work with your team to improve it. At Commonwealth Sentinel, we stay focused on cyber security so you can focus on other things. Contact us today or sign up for a free consultation.
