Why Zero Trust Must Be Identity Based
Sergey Stelmakh | 07/29/2021
Remote work has become widespread during the coronavirus pandemic, and with it, hacker attacks. How to protect against them? The best form of security is the concept of Zero Trust, tied to user identity rather than system resources, because it provides greater visibility by performing risk analysis on every attempt to access a resource rather than at the network segment level, writes Silverfort CTO and co-founder Yaron Kassner on the eWEEK portal.
Security professionals often view the Zero Trust kenya mobile database as a panacea for almost all types of problems. According to Okta , the number of organizations using Zero Trust initiatives has more than tripled, from 16% three years ago to 60% in 2020. But the model can create headaches for those responsible for network infrastructure and even create vulnerabilities as users try to find their own ways around their pain points.
A more advanced form of security would tie the same Zero Trust concept—never trusting who a user claims to be—to the user's identity, rather than to system resources. Let's look at this in more detail.
Zero Trust Model
The Zero Trust model is typically implemented at the network level to prevent a hacker from using a compromised account to move around the environment or distribute malware. It works by breaking the network into smaller segments and authenticating users by verifying their identity and access privileges before logging into each one.