Overview

In BeyondCorp, levels of trust are organized into Trust Tiers, and the Trust Inferer assigns one to each entry in the Device Inventory Service.

Each Resource Inventory Service entry is associated, through Data Classification, with a minimum Trust Tier required for access.

To access a given Resource Inventory Service entry, a Device Inventory Service entry's Trust Tier assignment must be equal to or greater than the resource's minimum Trust Tier requirement.

Using the Principle of least privilege and assigning the lowest Trust Tier of access required to complete a request decreases costs associated with support and productivity and also improves the availability of the device.

As a Device Inventory Service entry is allowed to access more Sensitive Data, we require more frequent tests of user presence on the device, so the more we trust a given device, the shorter-lived its credentials. Therefore, limiting a device's Trust Tier to the minimum it needs, in line with the Principle of least privilege, means that its user is minimally interrupted.

We may also impose various requirements for higher Trust Tiers, such as the installation of the latest operating system update within a few business days to retain a high Trust Tier, whereas devices on lower Trust Tiers may have slightly more relaxed timelines.
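
The access rule described above, sketched as an added example (not part of the original page and not BeyondCorp's own code). The tier names, credential lifetimes, patch windows and `Device` fields are assumptions made for illustration, as is demoting a device that misses its patch deadline to the next tier whose deadline it still meets.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import IntEnum
from typing import Optional

class Tier(IntEnum):  # constructed tier names; the page does not name its tiers
    UNTRUSTED = 0
    BASIC = 1
    PRIVILEGED = 2
    HIGH = 3

# Assumed policy values: the more trusted the tier, the shorter the credential
# lifetime and the tighter the deadline for installing an OS update.
CRED_LIFETIME = {Tier.UNTRUSTED: timedelta(days=7), Tier.BASIC: timedelta(hours=24),
                 Tier.PRIVILEGED: timedelta(hours=8), Tier.HIGH: timedelta(hours=1)}
PATCH_WINDOW = {Tier.BASIC: timedelta(days=30), Tier.PRIVILEGED: timedelta(days=14),
                Tier.HIGH: timedelta(days=5)}

@dataclass
class Device:  # hypothetical shape of a Device Inventory Service entry
    assigned_tier: Tier                       # as set by the Trust Inferer
    pending_update_since: Optional[datetime]  # release time of an uninstalled OS update
    last_presence_check: datetime             # last successful user-presence test

def effective_tier(dev: Device, now: datetime) -> Tier:
    """Highest tier, up to the assigned one, whose patch deadline is still met."""
    if dev.pending_update_since is None:
        return dev.assigned_tier
    age = now - dev.pending_update_since
    for tier in sorted(Tier, reverse=True):
        if tier <= dev.assigned_tier and age <= PATCH_WINDOW.get(tier, timedelta.max):
            return tier
    return Tier.UNTRUSTED

def authorize(dev: Device, resource_min_tier: Tier, now: datetime) -> str:
    """Return 'allow', 'deny' or 'reverify' for one access request."""
    if effective_tier(dev, now) < resource_min_tier:
        return "deny"  # device tier is below the resource's minimum
    # Least privilege: judge credential freshness by the tier the resource
    # needs, not by the highest tier the device could claim.
    if now - dev.last_presence_check > CRED_LIFETIME[resource_min_tier]:
        return "reverify"  # user-presence test required before access
    return "allow"
```

A device assigned the highest tier is interrupted for a presence test only when it actually requests a resource that needs that tier; requests for lower-tier resources are judged against the longer lifetime.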

This page (revision-4) was last changed on 30-Jul-2017 10:23 by jim