There were clearly defined perimeters – people on the inside were trusted, while those outside were not. Likewise, in perimeter-based security, an organisation’s data and users within the enterprise were trusted, and those outside the firewall were viewed with suspicion.
But now that applications and data have moved out and exist inside traditional perimeters and the public cloud, traditional security models have struggled to adapt.
Nick Savvides, senior director for strategic business at what to do with a computer science degree Asia-Pacific, said this shift has fuelled the rise of the zero-trust security, which moves the perimeter from a simple concentric model, with an inside and an outside, to one where the perimeter is defined around the data, the user and the service being accessed.
“It eliminates the traditional perimeter and assumes that when accessing a service or data, no user or device can be trusted until proven otherwise before every access,” said Savvides. “This means the user and the device must be strongly identified and the controls applied at the point of access.”
However, the concept behind zero-trust security that treats all users and data equally, wherever they are, is hard to adapt to for enterprises that are used to thinking about security in terms of trusted and untrusted network segments.
No comments:
Post a Comment