Zero trust architectures are essential protective measures for the modern enterprise. The latest NSA guidance provides detailed recommendations on how to implement the networking angle of these measures.
As more workloads shift to the cloud by businesses, there is more need to adopt zero trust computing strategies. But the notion of “untrusted until verified” is still slow to catch on, although in some areas of the world, such as in the United Arab Emirates, zero trust adoption is accelerating.
To try to bridge the gap between desire and implementation and also provide a more concrete roadmap towards zero trust adoption, the US National Security Agency has been publishing a series of guidelines over the past few years, covering device protection and user access. The latest one was released this week concerning network security.
My story on what this means for zero trust is in Dark Reading today, and it can be found here.