What Exactly is a Zero-Trust Network, and Why Should You Care?

Dennis Snider


Zero Trust security is a security model that requires stringent identity verification for everyone wanting to access anything stored on a private network, regardless of whether they are inside or outside the network perimeter. To put it another way: a typical IT network trusts everyone and everything already on the network. By contrast, a Zero Trust architecture trusts no one by default.

Conventional IT network security follows the castle-and-moat idea. With a castle-and-moat design, access from outside is difficult to obtain, but every device that connects from inside the network is trusted by default. The issue with this strategy is that once an attacker gains a foothold on the network, they can subsequently move freely and gain control over everything inside it.

Verification and constant monitoring: A Zero Trust network assumes that attackers may be present both inside and outside the network; as such, no user or device is trusted without verification. Zero Trust verifies user identity and privileges together with device identity and security posture. Furthermore, users are re-evaluated on an ongoing basis rather than only once at login.

Least-Privilege Access: Least-privilege access entails granting users only the level of access they require, like an army general providing intelligence to soldiers only when they need that information. This limits each user's exposure to critical areas of the network, and with it the damage a compromised account can do.

Control of device access: Alongside constraints on human access, strict device access controls are required to achieve zero trust. Zero-trust systems must keep track of which distinct devices are attempting to connect to the network, verify that each one is permitted, and ensure that none of them has been compromised.

Multifactor Authentication (MFA): Zero-Trust security also emphasizes MFA. MFA refers to the requirement to provide multiple pieces of evidence to validate a user; simply entering a password is not sufficient. The two-factor authentication (2FA) used on online services such as banking sites and social media platforms is a common form of MFA. Users who activate 2FA for these services must enter a code delivered to another device, such as a smartphone, in addition to their password, giving multiple pieces of evidence that they are who they say they are.
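To make the four principles above concrete, here is an added example (not code from the original post) of a per-request access decision that checks identity, MFA, device enrollment and compliance, and a least-privilege role map, while deliberately ignoring whether the request came from inside the network. The roles, resources and device attributes are constructed for illustration.

```python
"""Per-request zero-trust access decision (constructed example)."""
from dataclasses import dataclass


@dataclass
class Principal:
    user: str
    authenticated: bool   # identity verified for this request
    mfa_verified: bool    # second factor presented
    roles: frozenset      # constructed role names, e.g. {"analyst"}


@dataclass
class Device:
    device_id: str
    enrolled: bool        # known to the device inventory
    compliant: bool       # e.g. encrypted, patched, endpoint agent healthy


# Least privilege: each role maps to the smallest (resource, action) set it needs.
ROLE_PERMISSIONS = {
    "analyst": {("reports", "read")},
    "admin": {("reports", "read"), ("reports", "write"), ("config", "write")},
}


def decide(principal, device, resource, action, from_internal_network=False):
    """Return (allowed, reason). Evaluated on every request, never cached.

    `from_internal_network` is accepted only to show that it is not used:
    being on the corporate LAN grants nothing under zero trust.
    """
    if not principal.authenticated:
        return False, "identity not verified"
    if not principal.mfa_verified:
        return False, "MFA required"
    if not device.enrolled:
        return False, "unknown device"
    if not device.compliant:
        return False, "device not compliant"
    allowed = set().union(*(ROLE_PERMISSIONS.get(r, set()) for r in principal.roles))
    if (resource, action) not in allowed:
        return False, "not permitted for role"
    return True, "ok"


if __name__ == "__main__":
    alice = Principal("alice", True, True, frozenset({"analyst"}))
    laptop = Device("lap-1", enrolled=True, compliant=True)
    print(decide(alice, laptop, "reports", "read"))            # (True, 'ok')
    print(decide(alice, laptop, "reports", "write"))           # denied: least privilege
    bob = Principal("bob", True, False, frozenset({"admin"}))
    print(decide(bob, laptop, "config", "write", True))        # denied: no MFA, LAN irrelevant
```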