Security News > 2022 > September > Modernizing data security with a zero trust approach to data access
There is a practical zero trust model for data security every company can follow with such a model heeding data access at the start.
There are many reasons why companies need to consider a unified, zero trust approach to their data access as part of their data protection strategy - both in terms of value and risk.
On the unified front, one of the functional components of the NIST zero trust architecture is data security, specifically defined as "All the data access policies and rules that an enterprise develops to secure its information, and the means to protect data at rest and in transit."
Since most companies have sensitive data residing within their databases, data warehouses, or data lakes, it is imperative that every company looks to control and secure access to all such sensitive data across their distributed environments.
Every enterprise needs to have clear and deterministic data security and data access policies to ensure data is stored, processed, accessed, used and shared in a secure way.
Regardless of the organization's approach to zero trust, to follow the zero trust principle, every organization must continuously validate users who need access to data - i.e., continuously authenticate, authorize and validate users across all data sources.
News URL
https://www.helpnetsecurity.com/2022/09/13/zero-trust-data-access/