The Latest in Cyber Security: What’s a Zero Trust Network?

By blog Jun 19 2019


Despite the increasing number of companies focusing on security measures, cyber-attacks are still an enormous issue. Out of the need for more reliable security models, zero trust networks have emerged as the latest approach to cyber security.


Zero Trust Transforms the Traditional Approach to Security

The traditional approach to security measures is rooted in the notion that if a company’s network is protected by a firewall, then it is completely safe from outside intruders. Now, however, that presumption has been proven wrong. These days, a large number of attackers are able to hack into corporate networks through fake emails and other obscure methods. There have been many instances were the criminal accused of stealing data was shown to have been intruding into the targeted company’s network for several months prior to the incident.


This is how the need for zero trust networks came to exist. With the zero trust approach, there is no such thing as unconditional trust for all employees and they must reauthenticate their account each time. It assumes that potential attackers can be found inside of the network, as well as the outside. With zero trust, every time an employee accesses business data, a two-step authentication login that combines location information and biometric authentication is required.


Why Zero Trust Now?

Zero trust has been focused on two goals. The first is to fix the troubling reality that information leaks caused by cyber-attacks has not reduced. Large corporations such as Marriott, Uber, Sony, and Target are known to have invested heavily in security measures. And yet each one has continued to suffer from cyber-attacks. These events have proven that the traditional approach is becoming obsolete.


The second goal is the penetration of cloud and mobile in the business realm. Today, teleworking makes good use of cloud tools and smartphones for mobile work. These business practices are highly common today. Since the birth of zero trust, the conventional method of putting all one’s faith in a firewall has become washed out of existence.


The Zero Trust Network: Build Another Wall Inside the Wall

The framework for zero trust is grounded on the premise that no account should be trusted. This is why reauthentication procedures are mandatory, as described above.


In addition to zero trust, another important rule of thumb is to only allow access to necessary files by the people who need it. For example, employees in the sales department are only allowed to access the data and applications needed for sales work. Other employees in the same company would not be able to see the files used by the sales staff.


Traditional security involves relying on firewalls, but the zero trust method constructs even stronger walls within these walls.


We hope you’ll take this opportunity to examine the benefits of zero trust and reconsider your company’s security policies.


<< ブログHOMEへ