Zero Trust creator talks about implementation, misconceptions, strategy

2021-04-06 05:05

As further proof of the effectiveness of the model, Kindervag says that the zero-trust strategy is widely deployed in some of the world's most secure environments, which is why we've seen the NSA provide guidance on Zero Trust from their perspective recently.

Among the pitfalls that organizations that opt to implement a zero-trust model should try to avoid he singles out two: thinking that Zero Trust is binary, and deploying products without a strategy.

Among the misconceptions Kindervag is eager to dispel is that Zero Trust makes a system "Trusted", and that it is just about identity and multi-factor authentication.

Zero Trust eliminates trust from digital systems, because trust is a vulnerability that can be exploited, he says.

"Zero Trust CONSUMES identity attributes validated with MFA in Layer 7 policy. If Zero Trust was equal to MFA, then neither the Snowden nor Manning breaches would have been able to happen. They had very robust MFA and identity solutions, but no one looked at their packets post-authentication."

Finally, he stressed that even though many vendors have redefined the meaning of Zero Trust to meet the limitations of their products, there are no "Zero Trust products."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/7ZZaHLjG-yQ/

#zerotrust