Zero Trust Model Overview

Introduction

Growing concern for data security as business data is accessed outside traditional corporate networks.
Importance of understanding how to protect data on corporate networks and in the cloud.
Focus of the lesson: Zero Trust Model.

Assumes everything is an open and untrusted network.
Operates on the principle of "trust no one and verify everything."
Challenges traditional security strategies that rely on network integrity.
Moves away from single authentication methods (e.g., passwords) to multi-factor authentication.
Access is restricted to specific applications or data needed by users.

Verify Explicitly
- Always authenticate and authorize based on:
  - User identity
  - Location
  - Device security
  - Workload data classification
  - Anomalies
Least Privileged Access
- Limit user access with Just In Time (JIT) and Just Enough Access (JEA).
- Implement risk-based adaptive policies and data protection.
Assume Breach
- Segment access by network, user, devices, and applications.
- Use encryption for data protection.
- Employ analytics for visibility, threat detection, and enhancing security posture.

Identities
- Verify users, services, or devices accessing resources with strong authentication.
Devices
- Monitor device health and compliance.
- Recognize large attack surfaces from device and cloud data flows.
Data
- Classify, label, and encrypt data based on attributes for protection.
Applications
- Manage and discover all applications, including shadow IT.
- Control permissions and access.
Infrastructure
- Implement access controls, version configurations, and telemetry.
Network
- Segment networks and apply micro-segmentation.
- Utilize threat protection, end-to-end encryption, and monitoring.