{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Embracing Digital Transformation","title":"#170 Zero Trust Principles ","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/7d887ec6\"></iframe>","width":"100%","height":180,"duration":2228,"description":"In this episode Darren explores the principles of Zero Trust architecture with special guest David Marcus, Senior Security Architect, and returning guest Dr. Anna Scott Implementing Zero Trust SecurityZero trust security has become an increasingly popular model for securing modern IT environments. But what exactly is zero trust and what are some best practices for implementing it? This post provides an introduction to zero trust principles and key considerations for adopting a zero trust architecture. What is Zero Trust?The zero trust model is centered around the concept of \"never trust, always verify\". Unlike traditional network security that focuses on perimeter defenses, zero trust assumes that attackers are already inside the network. No users or devices are inherently trusted - verification is required every time access is requested.There are several core principles of zero trust:- Verify all users and devices before granting access- Limit access to only what is needed (least privilege)- Assume breaches will occur and limit blast radius- Monitor activity continuously for anomalies- Automate responses to threatsAdopting zero trust means shifting from implicit trust to continuous authentication and authorization of users, devices, and workloads. Key Pillars of a Zero Trust ArchitectureThere are six key pillars that make up a comprehensive zero trust architecture: 1. IdentityStrong identity verification and multi-factor authentication ensures users are who they claim to be. Access policies are tied to user identities. 2. DevicesDevice health, security posture, and approval must be validated before granting access. This includes bring your own device (BYOD) controls. 3. NetworkSoftware-defined microsegmentation and encrypted tunnels between trusted zones replace implicit trust in the network. Access is granted on a per-session basis. 4. WorkloadApplication permissions are strictly limited based on identity and environment. Access to high value assets is proxied...","thumbnail_url":"https://img.transistorcdn.com/IRrW2aizIeoZDn3gKLEax-JYQ8V_WzaFpHdgsslDx3k/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9jM2Ji/MDk1OTdiYzA4ZWMw/NWNlOTY0N2RhMWQ3/YmY5Mi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}