ZERO TRUST ARCHITECTURE
“TRUST ITSELF IS A VULNERABILITY”
PREPARED BY GOWRISHANKAR T O
TABLE OF CONTENTS
INTRODUCTION
HISTORY
CASTLE AND MOAT MODEL
ZERO TRUST ARCHITECTURE
WHY SHOULD COMPANIES ADOPT ZERO TRUST IN THEIR ENVIRONMENT
PROS AND CONS OF ZERO TRUST ARCHITECTURE
CONCLUSION
INTRODUCTION
Zero Trust Architecture (ZTA) is a cybersecurity concept that doesn't automatically trust anything inside or outside the network perimeter. It verifies the identity and security of users and devices before granting access to resources, regardless of their location. A zero-trust architecture enables organizations to prioritize access and restrictions. The goal is to implement a zero-trust policy across all traffic, to ensure no user, device, or system can put the network at risk.
HISTORY
Zero Trust Architecture (ZTA) originated in 2010, proposed by Forrester Research's John Kindervag as a security model that assumes no trust by default, regardless of location or network segment.
Leading technology companies like Google and Microsoft embraced Zero Trust principles, with Google's BeyondCorp framework becoming a notable example of ZTA implementation.
NIST published Special Publication 800-207 in 2020, formalizing guidance on Zero Trust Architecture implementation and contributing to its standardization.
ZTA gained widespread adoption across industries due to its effectiveness in mitigating cyber threats, especially with the rise of remote work and cloud services.
CASTLE AND MOAT MODEL
The castle-and-moat model is a traditional cybersecurity model that involves building a strong outer wall or moat around a castle to make it difficult for intruders to enter.
DRAWBACKS OF CASTLE AND MOAT MODEL
ASSUMPTION OF PERIMETER SECURITY
LIMITED PROTECTION AGAINST INSIDER THREATS
INABILITY TO DETECT INSIDER THREATS
COMPLEXITY AND MAINTENANCE
INFLEXIBILITY IN REMOTE WORK ENVIRONMENTS
FAILURE TO ADAPT TO MODERN THREATS
ZERO TRUST ARCHITECTURE
What is zero trust architecture?
Zero trust is a cybersecurity strategy wherein security policy is applied based on context established through least-privileged access controls and strict user authentication, not assumed trust. A well-tuned zero trust architecture leads to simpler network infrastructure, a better user experience, and improved cyber threat defense.
“NEVER TRUST, ALWAYS VERIFY”
ZERO TRUST ARCHITECTURE
(Figure. Credit: Microsoft)
TECHNOLOGIES USED IN ZTA
IDENTITY AND ACCESS MANAGEMENT (IAM)
MULTI-FACTOR AUTHENTICATION
NEXT-GENERATION ENDPOINT SECURITY TECHNOLOGY
IDENTITY PROTECTION
PRINCIPLES OF ZTA
VERIFY IDENTITY
LEAST PRIVILEGE ACCESS
MICRO-SEGMENTATION
CONTINUOUS MANAGEMENT
POLICY-BASED ACCESS CONTROL
LOGICAL COMPONENTS OF ZTA
POLICY ENGINE (PE)
POLICY ADMINISTRATOR (PA)
POLICY ENFORCEMENT POINT (PEP)
(Figure. Credit: NIST)
MAJOR LOGICAL COMPONENTS OF ZTA
POLICY ENGINE (PE):
  Makes access decisions for resources
  Uses enterprise policy and external input
  Utilizes trust algorithm
  Paired with policy administrator
  Logs and executes decisions
POLICY ADMINISTRATOR (PA):
  Controls communication paths
  Generates authentication tokens
  Relies on PE's decision
  Configures PEP
  Communicates via control plane
POLICY ENFORCEMENT POINT (PEP):
  Manages connections
  Communicates with PA
  Controls access
  Can be single or divided
  Situated within trust zone
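The PE, PA and PEP roles listed above, shown as an added Python sketch that is not part of the original slides: the PE scores a request against policy, the PA turns an allow decision into a short-lived token, and the PEP admits the connection only with a valid token. The policy table, score weights, 60-second lifetime, HMAC token format and all names are assumptions made for illustration.

```python
import hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: key the PA shares with the PEP
POLICY = {"payroll-db": {"roles": {"finance"}, "min_score": 0.8}}  # constructed policy

def policy_engine(subject, resource):
    """PE: trust algorithm over enterprise policy plus identity/device input."""
    rule = POLICY.get(resource)
    if rule is None or subject["role"] not in rule["roles"]:
        return False  # least privilege: no matching rule or role means deny
    score = 0.5 * subject["mfa_passed"] + 0.5 * subject["device_compliant"]
    return score >= rule["min_score"]

def policy_administrator(subject, resource, now=None):
    """PA: relies on the PE's decision; on allow, issues a short-lived token."""
    now = time.time() if now is None else now
    if not policy_engine(subject, resource):
        return None
    claims = {"sub": subject["user"], "res": resource, "exp": now + 60}
    body = json.dumps(claims, sort_keys=True).encode()
    tag = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + tag

def policy_enforcement_point(token, resource, now=None):
    """PEP: allows the connection only for a valid token scoped to this resource."""
    now = time.time() if now is None else now
    if not token or "." not in token:
        return False
    body_hex, tag = token.split(".", 1)
    try:
        body = bytes.fromhex(body_hex)
    except ValueError:
        return False
    expected = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return False  # forged or altered token
    claims = json.loads(body)
    return claims["res"] == resource and claims["exp"] > now

if __name__ == "__main__":
    alice = {"user": "alice", "role": "finance", "mfa_passed": True, "device_compliant": True}
    token = policy_administrator(alice, "payroll-db")
    print("compliant device:", policy_enforcement_point(token, "payroll-db"))
    alice["device_compliant"] = False  # posture changes, next request is re-evaluated
    print("non-compliant device:", policy_enforcement_point(policy_administrator(alice, "payroll-db"), "payroll-db"))
```

Because the token expires after 60 seconds and is bound to one resource, every new connection goes back through the PE, which is where a changed device posture or role takes effect.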
DEPLOYMENT OF ZTA
IDENTIFYING THE PROTECT SURFACE
CREATING A MICRO PERIMETER
MONITORING USERS AND DEVICES
ACCESS POLICIES CONFIGURATION
WHY SHOULD COMPANIES ADOPT ZERO TRUST IN THEIR ENVIRONMENT
(Figures. Credit: https://www.techtarget.com/; IMR (Indian Military Review))
WHY SHOULD COMPANIES ADOPT ZERO TRUST IN THEIR ENVIRONMENT
ADVANCED THREAT LANDSCAPE
DATA PROTECTION AND PRIVACY
MOBILE WORKFORCE AND CLOUD ADOPTION
ZERO TRUST PRINCIPLES ALIGN WITH MODERN IT ARCHITECTURE
MINIMIZE ATTACK SURFACE
COMPLIANCE REQUIREMENTS
BUSINESS CONTINUITY AND RESILIENCE
PROS OF ZERO TRUST ARCHITECTURE
ENHANCED SECURITY
GRANULAR ACCESS CONTROLS
REDUCED ATTACK SURFACE
ADAPTABILITY
COMPLIANCE
CONS OF ZERO TRUST ARCHITECTURE
COMPLEXITY
COST
USER EXPERIENCE
RESISTANCE TO CHANGE
INTEGRATION CHALLENGES
CONCLUSION
By continuously verifying and authenticating every access attempt, Zero Trust Architecture helps organizations better defend against increasingly sophisticated cyber threats and mitigate the risk of data breaches.
As technology continues to evolve and cyber threats become more advanced, Zero Trust Architecture will remain a critical component of modern cybersecurity strategies, enabling organizations to stay resilient and secure in an ever-changing threat landscape.