For credentials, these are the new Seven Commandments for zero trust

2023-03-15 16:48

Credential security company Beyond Identity has launched the Zero Trust Authentication initiative for organizations to hack-proof user credentials, with backing from major firms.

In an effort to codify just how IT should apply that in practice, companies including Zero Scaler, Optiv, Palo Alto Networks, Crowdstrike and Ping Identity are supporting an initiative led by security firm Beyond Identify to lay out a zero trust architecture to inoculate corporate accounts and credentials against phishing and ransomware, among other threats.

The company held a virtual kickoff on March 15, 2023 in New York to announce the program, which aims to address weak links in security, passwords and MFA that can allow attacks such as that which led to the hacking of a LastPass engineer's corporate laptop in 2022.

Capable of assessing device security posture - Able to determine whether devices comply with security policies by checking that appropriate security settings are enabled, and security software is actively running.

Integrated with the security infrastructure - Integrating with a variety of tools in the security infrastructure to improve risk detection, accelerate responses to suspicious behaviors, and improve audit and compliance reporting.

Jay Bretzmann, research VP at IDC, added: "Delivering continuous verification of identity - user and devices - is essential to meeting the promise of zero trust. Beyond Identity has taken the approach to utilize signals from security infrastructure in near real-time to raise the security standard and capitalize on existing security infrastructure investments in EDR and SASE tools."

News URL

https://www.techrepublic.com/article/zero-trust-authentication/

#credential #zerotrust