Cyber Defense eMagazine May 2019
Cyber Defense eMagazine May Edition for 2019 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cybersecurity expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group
Cyber Defense eMagazine May Edition for 2019 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cybersecurity expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
miniature bridges - an email can cross the defensive moat between the corporate IT infrastructure and<br />
your personal cloud in mere nanoseconds).<br />
Zero Trust Fundamentals: Trust No-one<br />
To secure a cloud-native application, we must embrace Zero Trust security and expand our thinking<br />
beyond legacy solutions to evolve with new application architectures. Application security must be<br />
thought of in terms of authentication and authorization: trust no-one, and authenticate, authorize and<br />
encrypt everything.<br />
These are the key tenets of Zero Trust security.<br />
Eliminate network trust<br />
Segment network access<br />
Gain visibility and analysis capabilities<br />
Trust No-one<br />
Zero Trust as a concept establishes a security paradigm based on the assumption that any system can<br />
be accessed and breached at any time, by anybody. You must trust no-one: even those already inside<br />
the network perimeter.<br />
You can apply this to any structure - a cloud application, a data center, a bank vault, the aforementioned<br />
castle-and-moat, or your own home. Building security controls from a basis of Zero Trust allows you to<br />
keep data, property, confidential information (or even your family) safe.<br />
Assigning Dynamic Workload Identity<br />
Traditional approaches to security are two dimensional: based on IP address, and therefore, location.<br />
True application identity must be formed using a multi-dimensional trust profile. Consider approaching an<br />
application as you would a person, or a colleague: you automatically generate a dynamic trust profile<br />
based on their face, mannerisms, gait, height, voice, and other identifiers that – collectively – are unique<br />
to them. This same dynamic approach must be taken to confirming application-identity and must be<br />
assigned at a granular, workload level.<br />
61