Intelligent CIO Middle East Issue 47 | Page 20

LATEST INTELLIGENCE GETTING STARTED WITH ZERO TRUST NEVER TRUST, ALWAYS VERIFY E Executive Summary PRESENTED BY Download whitepaper here Zero Trust security throws away the idea that we should have a “trusted” internal network and an “untrusted” external network. The adoption of mobile and cloud means that we can no longer have a network perimeter-centric view of security; instead, we need to securely enable access for the various users (employees, partners, contractors, etc.) regardless of their location, device or network. There is no silver bullet when it comes to achieving a Zero Trust security architecture, but identity and access management is the core technology that organizations should start with on their Zero Trust journeys. Here, we’ll explore the shifts in the security landscape that led to the creation of Zero Trust, what the Zero Trust Extended Ecosystem (ZTX) framework looks like today, and how organizations can utilize 20 INTELLIGENTCIO Okta as the foundation for a successful Zero Trust program now, and in the future. Challenge: When the Wall Protecting Your Data Vanishes Traditional security architectures were built with two groups in mind: trusted individuals, able to access everything inside the organization, and untrusted individuals, kept on the outside. Security and IT teams invested in defensive systems that protected the barrier between them, focusing heavily on securing the network perimeter, often with firewalls. While they were successful in building a wall between potential threats and the safety of the corporate ecosystem, this full-trust model is problematic, because when that perimeter is breached, an attacker has relatively easy access to everything on a company’s privileged intranet – not to mention the havoc a rogue insider could wreak without even breaching the perimeter. n