Join IDSA
Join IDSA

Archives

  1. Adopting Zero Trust in a Post-Pandemic World

  2. Beyond Humans: Zero Trust and Machine Identities

    January 12th, 2021 by Zero Trus TWG | Posted in Technical Working Groups | No Comments

    Today’s economic climate exacerbates these cyber risks and the impact of the COVID-19 epidemic has led to an acceleration in digital transformation and technical change that will further stress-test organizations’ identity and access management practices. This creates new challenges in minimizing access-related risks across traditional datacenters, cloud, and DevOps environments. Companies that have adopted an…

  3. NIST SP 800-207 – Zero Trust Architecture – Finalized with More Emphasis on Identity

    August 19th, 2020 by Stefan Lesaru | Posted in News | No Comments

    Last week, the National Institute of Standards and Technology (NIST) published its guidance for implementing a Zero Trust architecture, SP 800-207. This latest publication consolidates industry input received on previous draft versions of the architecture. As part of IDSA’s mission to promote identity-centric security, we provided feedback to NIST and are pleased to see some of our recommendations…

  4. BYO[D] Doesn’t Have to Mean Bring Your Own [Vulnerability]

    June 1st, 2020 by Baber Amin | Posted in Best Practices | No Comments

    The Bring-Your-Own-Device (BYOD) model of operating has been a double-edged sword for IT professionals. On the one hand, it empowers and allows for business productivity. On the other hand, it continues to create a serious challenge for organizations as IT and security professionals find ways to enforce access control across a diverse ecosystem of mobile…

  5. Customer Advisory Board Conversations: Zero Trust and the Remote Workforce

    May 4th, 2020 by Jeff Reich | Posted in Customer Advisory Board, Perspective | No Comments

    Until the last 45 days, an organization’s industry, company culture and the role of an individual were the primary drivers behind remote working policies. However, recently we’ve seen an unprecedented shift to remote working due to the concerns over Covid-19. For some organizations it’s been relatively uneventful, for others it has been a monumental change…

  6. Zero Trust: Where Do You Start?

    April 21st, 2020 by Allen Moffett | Posted in How To Advice | No Comments

    With the Zero Trust Myths out of the way, where do you start? Zero Trust is a philosophy, a set of guiding principles that can be used to improve the security posture of an organization and reduce the risk of a breach by limiting lateral movement. Implementing Zero Trust is more than simply implementing a “Zero Trust”…

  7. Zero Trust Myth Series: Keep Users at the Forefront of Your Security Approach

    March 3rd, 2020 by Torsten George | Posted in Perspective | No Comments

    Friction is the enemy of cybersecurity. Tools and approaches that make it more difficult for users to do their jobs turn security solutions into impediments, digital stop signs in an era when business leaders are demanding agility. For organizations implementing a Zero Trust approach, the subject of user experience should not be far from mind….

  8. Zero Trust Myth Series: Leveraging Risk Analysis to Enhance Trust

    January 28th, 2020 by Torsten George | Posted in Perspective | No Comments

    Trust is a foundational part of personal relationships, and it is a foundational part of the digital relationships between employees, their devices, and the enterprise. However, the sad fact facing security professionals is that there are some insiders – whether they are disgruntled employees or external threat actors acting as legit users that penetrated the…

  9. Zero Trust Myth Series: Zero Trust is about Secure Access, Not Zero Access

    January 8th, 2020 by Torsten George | Posted in Perspective | No Comments

    Say the term Zero Trust, and there will be those that take the word zero to mean exactly that-zero, as in no trust at all. In reality, Zero Trust is about acknowledging that bad actors will make their way into an organization’s environment and building defenses with that idea in mind. This confusion is the…

  10. IDSA Response to NIST Zero Trust Architecture SP 800-207

    November 21st, 2019 by Jeff Reich | Posted in News | No Comments

    Recently, NIST released 800-207 draft document, which is intended to provide guidance for government and non-government organizations on implementations of a Zero Trust architecture.  The document provides a definition of the core components that make up a “zero trust architecture (ZTA) network strategy,” a gap analysis of areas where more research and standardization is required, establish an…

« Previous EntriesNext Entries »
Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA