Now, everyone wanted one as well!Īs a result of a massive marketing push by network and cybersecurity vendors, most organizations were looking for turn-key solutions that would completely replace their existing network infrastructures: they were planning on “buying Zero Trust”.Īlas, Zero Trust is not something you can buy as an off-the-shelf product. In a sense, it was a reference implementation of Zero Trust that the company deployed internally.
In the same year, Google introduced BeyondCorp, a security framework created as a result of a sophisticated cyberattack on their internal infrastructure and aimed at preventing similar breaches in the future.īeyondCorp shifted access controls from the perimeter to individual devices and users, thus dramatically reducing the potential attack surface for future hackers and making it much more difficult for them to perform lateral movement, compromising one system after another. His ideas on eliminating the very concept of “trusted systems” from corporate networks helped popularize the catchy term “Zero Trust”. In 2009, John Kindervag, back then with the analyst firm Forrester, came up with the idea that networks should be designed without implicit trust, enforcing strict identity verification and least-privilege access policies for every user, device, or application, regardless of whether they are located in the former local area network or somewhere on the Internet. In later years, the growing adoption of cloud and mobile technologies has led to erosion of the very notion of a corporate network perimeter the legacy security tools that depended on it are no longer able to keep up with modern security risks.Ĭontinued growth of corporate networks, both in scale and complexity, as well as the rapidly growing number of complex targeted attacks for purposes of hacking, industrial espionage, or government surveillance, have led to a sharp increase in the number of data breaches. If these are the questions you’re looking for answers to, keep on reading!īack in the early 2000s, before the era of the cloud and ubiquitous presence of smart mobile devices, organizations were already feeling the pressure to reorganize their networks for digital transformation – establishing communications to their partners, contractors, and even customers, building API-based public interfaces to their data siloes, and embracing the early ideas of Internet-scale computing. Unfortunately, the reality is not quite that simple.Įven under the enormous pressure of the pandemic, the adoption rate of ZT remains very low, with most organizations still struggling not just with finding the right solutions to buy but finding the right people to deploy them or even with grasping the basics of Zero Trust Architecture.
0 kommentar(er)
