Forum Replies Created

  • Akanksha Kapur

    Member
    January 2, 2024 at 6:36 am in reply to: Adapting the Zero Trust Model!

    Firstly, Zero Trust is about never assuming trust and continually verifying every access attempt.
    Here’s a good starting point: <div>

    • Control Access by Using Identities: Focus on defining and continuously validating user, device, and service identities.
    • Boost Authentication: Implement continuous and multifactor authentication to ensure that identities are verified without hindering the user experience.

  • Akanksha Kapur

    Member
    January 2, 2024 at 11:09 am in reply to: Adapting the Zero Trust Model!

    Have been listening to this buzzword a lot nowadays, I know someone who tackled a scenario with micro-segmentation. Here’s how it played out.

    The network was traditionally set up with perimeter defenses, but as they grew and adopted more cloud services, the limitations of this model became apparent. They needed a way to secure sensitive data and critical applications more effectively.

    Adopting Micro-Segmentation

    They decided to implement micro-segmentation to divide the network into smaller, isolated segments. Each segment could contain anything from a single application to a group of related workloads.

    For instance, they separated their customer data servers from the rest of the network. Only specific authenticated services and users could interact with that segment, drastically reducing the risk of a widespread breach.

    The Process

    They started by identifying which applications and data were most critical and sensitive. For them, it was customer data and proprietary research.

    Next, they analyzed the traffic flow to understand how these critical assets interacted with the rest of the network. This helped them define the boundaries of each segment.

    Then they implemented strict access controls and policies for each segment, using a combination of firewalls, virtualization, and cloud controls tailored to their infrastructure.

    Results

    Post-implementation, the benefits were clear. When one segment faced a threat, the impact was isolated, protecting the rest of the network. It was like compartmentalizing a ship to prevent it from sinking if one part gets breached.

    They also found compliance easier to manage, as we could apply specific rules to segments dealing with regulated data.