{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Embracing Digital Transformation","title":"#172 Zero Trust Architecture","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/2788a3ca\"></iframe>","width":"100%","height":180,"duration":2095,"description":"In this podcast episode Darren talks with Steve Orrin and Dave Marcus and discusses zero trust architecture, a new security model needed for today's digital environments where the network perimeter is disappearing. Experts explain what zero trust is, key principles like default deny access and continuous authentication, and advice for organizations starting their zero trust journey.Digital transformation initiatives aim to leverage new technologies to improve business processes and deliver better experiences for customers and employees. However, as organizations extend their networks and adopt cloud services, the traditional security model of trusted networks is no longer sufficient. This creates vulnerabilities that cybercriminals can exploit.Zero trust architecture provides a framework to enhance security in today's complex environments. But what exactly is zero trust, and how can organizations start their journey towards implementing it? Factors Driving Zero Trust ArchitectureAt its core, zero trust architecture is about applying continuous, granular policies to assets and resources when users or entities attempt to access or interact with them. This policy gets applied regardless of the location - on premise, cloud, hybrid environments, etc. The key principles are:* Default deny - Access is denied by default. Users must authenticate and be authorized for the specific context.* Continuous authentication - Users are re-authenticated and re-authorized throughout their sessions based on analytics of identity, time, device health, etc.* Microsegmentation - Fine-grained controls are applied for lateral movement between assets and resources.This differs from traditional network security that uses implied trust based on whether something is inside the network perimeter. Getting Started with Zero TrustImplementing zero trust is a continuous journey, not a one-time project. However, organizations need to start somewhere. Here are a few best practices:* Educate yourself...","thumbnail_url":"https://img.transistorcdn.com/IRrW2aizIeoZDn3gKLEax-JYQ8V_WzaFpHdgsslDx3k/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9jM2Ji/MDk1OTdiYzA4ZWMw/NWNlOTY0N2RhMWQ3/YmY5Mi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}