Security News > 2023 > September > Access control in cloud-native applications in multi-location environments (NIST SP 800-207)
Enterprise application environments consist of geographically distributed and loosely coupled microservices that span multiple cloud and on-premises environments.
Users from different locations access them through different devices.
This scenario calls for establishing trust in all enterprise access entities, data sources, and computing services through secure communication and the validation of access policies.
Enterprise infrastructure layer for uniform policy deployment.
ZTA can only be realized through a comprehensive policy framework that dynamically governs the authentication and authorization of all entities through status assessments.
The configuration of technology components that will enable the deployment and enforcement of different policies A comprehensive monitoring framework that provides coverage for various tasks, such as observing the status of resources and tracking events The use of telemetry data to enhance security by fine-tuning access rights and enforcing step-up authentication.
News URL
https://www.helpnetsecurity.com/2023/09/14/nist-sp-800-207a-zero-trust-architecture/
Related news
- Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- 7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments (source)