HOW A ZERO TRUST APPROACH PROTECTS YOUR PEOPLE AND YOUR DATA

摘要

Trust is typically a highly prized commodity, but for companies looking to protect their people and their data, it can create a weak spot. Most security breaches occur because our default position is trust. A very small percentage of breaches are the equivalent of blasting open the bank vault - the average cyber-attack is more like cleaning out someone's bank account by convincing the teller you're someone else. Or, to put it in a business context, like someone helping themself to a briefcase of sensitive documents left lying on a desk in an office that has inadequate security. Which is why implementing a Zero Trust Framework is so effective at protecting an organisation. At a practical level, Zero Trust is about only providing access to systems, networks and data if it is needed, only ever to an authorised person and within agreed parameters. Ideally, all activity that touches your organisation should be questioned, every time, whether that's a transaction between two servers or a user logging onto a device or an application.