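Implementing the NIST Zero Trust Security Guidelines - White Paper
Digital transformation, the proliferation of disruptive technologies, and new trends such as "work from home" have broken down the enterprise's digital perimeter. With the perimeter gone and access demands growing from literally everywhere, responding with traditional perimeter security solutions is not enough.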
When all transactions in the enterprise are untrusted and there is no defined security boundary, encrypting data and protecting apps at the access point by continuously validating identities is core to enterprise security.
Work securely and conveniently from home
Offer employees, contractors and consultants an easy and convenient login experience no matter where they are or what device they're using.
in the Cloud
Overcomes the limitations of legacy security schemes by securing cloud apps at the access point from the cloud.
Prevent Breaches and Protect your Data
Protect apps by encrypting data and continuously validating identities.
NIST describes three approaches to building an effective Zero Trust security architecture.
The identity-centric approach of Zero Trust architecture places the identity of users, services, and devices at the heart of policy creation. Enterprise resource access policies are based on identity and assigned attributes. The primary requirement to access corporate resources is based on the access privileges granted to a given user, service or device. To allow for more adaptive authentication, policy enforcement may consider other factors as well, such as the device used, asset status, and environmental factors.
The network-centric approach of Zero Trust architecture is based on network micro-segmentation of corporate resources protected by a gateway security component. To implement this approach, the enterprise should use infrastructure devices such as intelligent switches (or routers), Next Generation Firewalls (NGFW) or Software Defined Networks (SDN) to act as policy enforcement points protecting each resource or group of related resources.
A cloud-based combined Zero Trust architecture approach leverages cloud-based Access Management and Software at the Service Edge (SASE). The cloud-based Access Management solution protects and enforces the identities of cloud applications and services, while SASE components, such as Software Defined Networks (SDNs) or Next Generation Firewalls (NGFW), protect on-premises resources.
SafeNet Trusted Access
SafeNet Trusted Access, Thales’s cloud-based access management and authentication service, is the starting point for effective Zero Trust security implementations, meeting Zero Trust principles:
In the spring of 2019, if you were to stroll through the vast exhibition halls of the Moscone Center during RSA Conference, you would be overwhelmed by the sheer number of booths - some crammed for space and some with room to spare. Regardless of their size, they were all selling the same thing: security. This was expected. However, what was not expected was that they all seemed to have gravitated towards two overarching security themes of zero-trust and machine learning.
Last month, the Computer Security Resource Center at NIST (National Institute of Standards and Technology) released general guidance and recommendations for implementing a Zero Trust architecture through their special publication, SP 800-207. This latest document is, of course, a reflection of how NIST views Zero Trust security, but it is important to point out two insights on how this view has been formed.
Seamless authentication and continuous access to online resources have been an elusive target. While many have tried, few have been able to achieve it.
Cloud adoption is the stepping stone for any organization’s digital transformation initiative. Learn how to navigate this very fluid threat landscape with solutions that scale up with your business needs, and help you achieve the true potential of your digital transformation objectives.