Friday Mar 12, 2021

#20 - Zero Trust

Would you actually like to learn about what Zero Trust is without a bunch of marketing jargon?  On this week's episode G Mark Hardy and Ross Young provide a thoughtful discussion on Zero Trust from NIST and Microsoft:

  • NIST 800-207 Seven Tenets of Zero Trust
    1. All data sources and computing services are considered resources
    2. All communication is secured regardless of network location
    3. Access to individual enterprise resources is granted on a per-session basis
    4. Access to resources is determined by dynamic policy
    5. The enterprise monitors and measures the integrity and security posture of all owned and associated assets
    6. All resource authentication and authorization are dynamic and strictly enforced before access is allowed
    7. The enterprise collects as much information as possible about the current state of assets, network infrastructure, and communication and uses it to improve its security posture

Comments (0)

To leave or reply to comments, please download free Podbean or

No Comments

Copyright 2024 All rights reserved.

Podcast Powered By Podbean

Version: 20241125