info_outline
Ssn 2 Ep 15 Zero Trust, Pt 3
02/19/2022
Ssn 2 Ep 15 Zero Trust, Pt 3
Ssn 2 Ep 15 Zero Trust Pt 3 Beyond the basic, foundational things you should already have in place, what’s the next thing you need to do to implement a Zero Trust approach to network security? 1:04: It starts with the regulatory requirements a company must meet, then layer in policies and procedures. 3:07: Every time a user wants to access resources, they are going to need to prove their credentials. 3:16: NIST has developed a standard for Zero Trust, 800-207, which lays out what an enterprise needs to do to meet the zero trust model. 4:58: Access to individual enterprise resources is granted on a per session basis and determined by policies. 5:42: This can be geographically related and can also be determined by the user’s normal behaviors. 7:25: Is AI involved in determining a user’s normal behavioral patterns? 8:07: What specific changes need to be made to the architecture of your network? 10:01: HR Management system, segmented on its own server. 11:38: Is zero trust accessible to most companies? 14:12: What is the first step in getting started with zero trust? 14:48: A managed services provider is a good first step in starting the documentation process, defining policies, pushing it through to the user community. 15:38: Getting the employees’ buy-in is important. 16:57: Begin to expand segmentation out to the workstations. 18:10: What level of importance would you rate this for companies to make this happen? 18:38: If you depend on technology and you have data that you don’t want sold on the dark web, you must take a look at zero trust. 18:48: A good service provider will help you with a logical roll-out plan 20:04: Make sure you think this through first, implement your policies, and then start rolling it out in a logical manner. Zero Trust Architecture: Your hosts: Rex Nance and Penny O'Halloran of East Atlantic Security, LLC @ Voiceover Artist: Paul Kadach at www.voices.com
/episode/index/show/cybersavvycafe/id/22187624
