With the onset of cloud computing, perimeters dissolved due to fragmented data centers. Suddenly, data and applications went from nicely confined rooms with a handful of doors and windows to virtualized environments with no perimeters. It was back to the Wild West, which meant security and compliance were quickly downgraded—and the increased interest in Zero Trust for network security. In fact, NIST has released Draft Special Publication (SP) 800-207, Zero Trust Architecture. Forrester’s report, Zero Trust For Compliance (July 15, 2019), details control mapping for Zero Trust against 12 industry and government compliance mandates.
Historically, security was attempted primarily by fortifying the data center perimeter. That architecture is no longer effective, as there is an incongruity between the physical data center boundary and virtual perimeters. Those new perimeters can take up any size and shape and change at cloud speeds, making it impossible for traditional security to follow. Additionally, the security controls offered by cloud vendors are weaker than traditional options and are often no match against attacks hindering confidence and compliance in cloud adoption. A comprehensive Zero Trust networking architecture is required.
What is Zero Trust Networking?
Creating a Zero Trust networking architecture means creating a least privileged environment. This requires an understanding of:
•N-tier application structure
•User, process and workload identity