Be sure your Zero Trust plan gives complete coverage

The what, when, and where of zero trust

Does your Zero Trust Security plan give complete coverage?

So, you’re moving to a Zero Trust security plan. You know the principles of Zero Trust. Great. But you also need to ensure your Zero Trust plan covers all the bases. That means three areas: what your plan covers, when, and where.

What do your Zero Trust protocols cover?

Your Zero Trust plan needs to ensure you’re managing access to and from every type of entity. That means access management from:

  • All devices—That means computers, including desktops and laptops, but also mobile phones and other mobile devices.
  • All users—Employees, contractors, vendors, and customers.
  • To all types of data and applications—Your Zero Trust plan needs to manage access to your cloud applications and data as well as on-prem ones. It needs to handle databases, servers, software, and everything that could put your company at risk.

When is your access plan applied?

Key to Zero Trust is the idea that you don’t trust access attempts inside the organization any more than those coming from outside of it. So, when users inside the firewall try to access an application, you manage them largely like you would those outside the firewall.

In addition, Zero Trust doesn’t make exceptions. Your high-security requirements apply whenever someone attempts to access an application or data. When pretty much means always.

Where do you enforce Zero Trust?

Traditional security methods are focused on the endpoints where cyber criminals initiate their attacks. Zero Trust applies everywhere:

  • Data access points
  • Cloud applications
  • On-prem and legacy apps
  • Ideally, the desktop, laptop, or phone—so that even the device login is protected

The tools for Zero Trust

Identity and access management tools, such as Single Sign-On (SSO) and, Multi-Factor Authentication (MFA), can help you address the what, when, and where. SSO improves both security and ease-of-use, eliminating passwords and using a vetted trust relationship for safe authorization. MFA adds an important level of security by requesting additional data from users to verify they are who they say they are.

Zero trust identity management using risk-based authentication. Zero trust identity management using risk-based authentication.

Add to this a good identity management system that provides role-based access control and easy provisioning capabilities; a system to protect devices through SSO; and, preferably, risk-based authentication that accounts for contextual information such as the user’s location, IP address, and login time to create user profiles and challenge risky login attempts. These tools, on top of a secure infrastructure with micro-segmentation, will help you implement Zero Trust security in a way that isn’t burdensome to users.

Related Resources:

5 reasons relying on passwords is a recipe for disaster

Passwords alone are not enough to protect your corporate data. Here are five reasons why.

Read More

How to get to zero trust security

Learn about the four principles and the four tools you need to apply to get to zero trust security.

Read More

Quiz: Can you name these common cyberattacks?

Can you name the most common cyberattacks? Take our quiz and see how cyber-knowledgeable you really are.

Take Quiz

Securing Mobile Devices: The Zero Trust Model

See how the death of the security perimeter leads to a new way of thinking about security for mobile devices.

Read More