With more people working from home, companies have started to rely on VPNs to grant secure access to users. However, VPNs aren’t the only way for businesses to guarantee a secure connection for workers.

Network World mentions a protocol known as a zero trust architecture, which only grants users the bare minimum of access to a network. Whatever access a user’s job requires is what the **zero-trust architecture** will allow the user to have.

Zero trust works by verifying every single device’s connection to the network. It uses an identity-management system that only allows specific access to certain parts of the network for particular devices. Authorized users no longer have access to any and all parts of the network. They can only get into the specific locations they need to perform their jobs. Zero trust is an overarching architecture, but certain elements apply specifically to networks. This article intends to demystify those elements and show how networks can be used to support zero trust.

The Principle of Least Privilege

BeyondTrust tells us that, under the principle of least privilege, the access rights of every account, user, or device on the network are limited to what it needs to perform its duties. One way that networking professionals can ensure least-privilege access is via network segmentation. When a device or a user logs into a network, access is granted only to the segment of the system where pertinent data is stored.

Networks can quickly implement this using a simple switching technique. By placing different segments in areas that are unreachable from each other, they limit the incidence of a breach. If a user or device is compromised, its limited access reduces the damage to the overall organization. The applications and data exposed through the compromised machine are limited to those the user or device could already access.
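To make the segment-level, least-privilege check described above concrete, here is an added example (not from the original article) that evaluates connection records against a default-deny segmentation policy. The subnets, role names, users, and flow records are all constructed for illustration.

```python
import ipaddress

# Constructed segmentation plan (assumed values): segment name -> subnet.
SEGMENTS = {
    "finance": ipaddress.ip_network("10.10.10.0/24"),
    "engineering": ipaddress.ip_network("10.10.20.0/24"),
    "hr": ipaddress.ip_network("10.10.30.0/24"),
    "shared": ipaddress.ip_network("10.10.99.0/24"),
}

# Least-privilege policy (hypothetical roles): only the segments a role needs.
ROLE_ACCESS = {
    "accountant": {"finance", "shared"},
    "developer": {"engineering", "shared"},
    "recruiter": {"hr", "shared"},
}

def segment_of(ip):
    """Map a destination address to its segment, or None if it is unmapped."""
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), None)

def is_allowed(role, dst_ip):
    """Default deny: unknown roles and unmapped destinations are rejected."""
    seg = segment_of(dst_ip)
    return seg is not None and seg in ROLE_ACCESS.get(role, set())

def audit(flows):
    """Return the flows that reach outside what the role is entitled to."""
    return [f for f in flows if not is_allowed(f["role"], f["dst"])]

def reachable_segments(role):
    """Segments exposed if an account holding this role is compromised."""
    return sorted(ROLE_ACCESS.get(role, set()))

# Constructed flow records, as a switch or firewall log might summarize them.
FLOWS = [
    {"user": "alice", "role": "accountant", "dst": "10.10.10.15"},
    {"user": "alice", "role": "accountant", "dst": "10.10.20.8"},
    {"user": "bob", "role": "developer", "dst": "10.10.99.3"},
    {"user": "bob", "role": "developer", "dst": "10.10.30.40"},
    {"user": "eve", "role": "contractor", "dst": "10.10.99.3"},
    {"user": "carol", "role": "recruiter", "dst": "192.168.1.5"},
]

if __name__ == "__main__":
    for f in audit(FLOWS):
        print(f"DENY {f['user']} ({f['role']}) -> {f['dst']} "
              f"[segment: {segment_of(f['dst'])}]")
    print("developer blast radius:", reachable_segments("developer"))
```

The same policy table answers both questions a defender cares about: which observed connections violate segmentation, and how far a single compromised account could reach.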

Network segmentation can also be performed physically. Different networks can be located in different locations or separate server points, each with its own dedicated server. Suppose a malicious user is trying to hijack a central server. In that case, this setup ensures that only one of the company’s servers becomes compromised, while the rest of the business’s systems remain intact and safe.


How Networks Can Support A Zero Trust Architecture