Zero Trust Notes
Digitally, Trust is a binary True or False decision. Zero Trust implies there is no Trust.
Trust cannot be based on location. There are no trusted networks versus untrusted networks.
Focus instead on Business outcomes:
- Determining what data needs to be protected (Data Classification)
- Who needs access to that data
- Inspect and log all the traffic
- who the president is
- where the president is
- who should have access to the president
Limit Attack Surface:
Protected Resources should have only one interface through which access can be granted. Network Partitions with a next-generation firewall (NGFW) performing Layer 2-7 validation are one method to limit the Attack Surface.
Microservices are another.
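The notes above, as an added example that is not part of the original notes: a single default-deny decision function that grants access from identity and data classification only, ignores network location, and logs every request. The policy table, role names, users and addresses are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed policy: data classification -> roles that need access to it.
POLICY = {
    "public": {"employee", "contractor", "finance"},
    "internal": {"employee", "finance"},
    "restricted": {"finance"},
}
AUDIT_LOG = []  # every decision is recorded, allow and deny alike


@dataclass(frozen=True)
class Request:
    user: str
    role: str
    authenticated: bool
    source_ip: str        # logged for investigation, never used to decide
    classification: str   # label of the data being requested


def authorize(req: Request) -> bool:
    """The one interface through which access is granted; default deny."""
    allowed_roles = POLICY.get(req.classification, set())  # unlabelled data: deny
    decision = req.authenticated and req.role in allowed_roles
    AUDIT_LOG.append({
        "user": req.user, "role": req.role, "source_ip": req.source_ip,
        "classification": req.classification,
        "decision": "allow" if decision else "deny",
    })
    return decision


def demo():
    """Constructed requests: the same identity from an internal and an external address."""
    requests = [
        Request("alice", "finance", True, "10.0.0.5", "restricted"),
        Request("alice", "finance", True, "203.0.113.7", "restricted"),
        Request("bob", "contractor", True, "10.0.0.9", "restricted"),
        Request("mallory", "finance", False, "10.0.0.5", "restricted"),
        Request("alice", "finance", True, "10.0.0.5", "unlabelled"),
    ]
    return [authorize(r) for r in requests]


if __name__ == "__main__":
    for allowed, entry in zip(demo(), AUDIT_LOG):
        print(allowed, entry)
```

An internal address does not help the unauthenticated or wrongly scoped requests, and an external address does not hurt the authorized one.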
More Information
- [#1] - https://www.centrify.com/lp/zero-trust-summit-2018-livestream/ - based on information obtained 2018-10-30