The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved conventional network boundaries. The workforce is more distributed, with remote workers who need access to resources anytime, anywhere, and on any device, to support the mission. Enterprises must evolve to provide secure access to company resources from any location and asset, protect interactions with business partners, and shield client-server as well as inter-server communications.
A zero trust cybersecurity approach removes the assumption of trust typically given to devices, subjects (i.e., the people and things that request information from resources), and networks. It focuses on accessing resources in a secure manner, regardless of network location, subject, and asset, and enforcing risk-based access controls while continually inspecting, monitoring, and logging interactions. This requires device health attestation, data-level protections, a robust identity architecture, and strategic micro-segmentation to create granular trust zones around an organization’s digital resources. Zero trust evaluates access requests and communication behaviors in real time over the length of open connections, while continually and consistently recalibrating access to the organization’s resources. Designing for zero trust enables enterprises to securely accommodate the complexity of a diverse set of business cases by informing virtually all access decisions and interactions between systems and resources.
This NCCoE project will show a standards-based implementation of a zero trust architecture (ZTA). Publication of this project description begins a process that will further identify project requirements and scope, as well as the hardware and software components to develop demonstrations. The NCCoE will build one or more modular, end-to-end example ZTAs using commercially available technology that will address a set of cybersecurity challenges aligned to the NIST Cybersecurity Framework. This project will result in a freely available NIST Cybersecurity Practice Guide.