Modal Title
Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
The Transformative Power of SBOMs and IBOMs for Cloud Apps
Jun 15th 2023 9:20am, by Oren Penso
Pulumi: New Features for Infrastructure as Code Automation
Jun 15th 2023 9:00am, by B. Cameron Gain
A CTO’s Guide to Navigating the Cloud Native Ecosystem
Jun 13th 2023 9:39am, by Jess Lulka
Survey Says: Cloud Maturity Matters
Jun 13th 2023 6:20am, by Fredric Paul
The Rise of the Cloud Native Cloud
Jun 12th 2023 9:38am, by John Dietz
A CTO’s Guide to Navigating the Cloud Native Ecosystem
Jun 13th 2023 9:39am, by Jess Lulka
Deploy a Kubernetes Development Environment with Kind
Jun 10th 2023 7:00am, by Jack Wallen
Chainguard Improves Security for Its Container Image Registry
May 31st 2023 6:30am, by Steven J. Vaughan-Nichols
How to Protect Containerized Workloads at Runtime
May 30th 2023 4:00am, by Kevin Casey
How to Containerize a Python Application with Paketo Buildpacks
May 29th 2023 5:00am, by Sylvain Kalache
Creating an IoT Data Pipeline Using InfluxDB and AWS
Jun 5th 2023 10:25am, by Jason Myers
Dell Intros New Edge, Generative AI, Cloud, Zero Trust Prods
May 31st 2023 11:00am, by Chris J. Preimesberger
Gothenburg, Sweden Used Open Source IoT to Drastically Cut Water Waste
May 23rd 2023 6:58am, by Alex Handy
Building a Plant Monitoring Tool with IoT
May 8th 2023 9:27am, by Zoe Steinkamp
How to Choose and Model Time Series Databases
Apr 28th 2023 3:00am, by Robert Kimani
In the Great Microservices Debate, Value Eats Size for Lunch
Jun 13th 2023 6:10am, by Anoop Balakuntalam
Amazon Prime Video’s Microservices Move Doesn’t Lead to a Monolith after All
Jun 13th 2023 6:00am, by Scott M. Fulton III
Case Study: A WebAssembly Failure, and Lessons Learned
May 25th 2023 7:00am, by Susan Hall
RabbitMQ Is Boring, and I Love It
May 15th 2023 6:30am, by Josh Long
How OpenSearch Visualizes Jaeger's Distributed Tracing
May 11th 2023 10:00am, by Derek Ho and Jonah Kowall
Red Hat Launches OpenStack Platform 17.1 with Enhanced Security
Jun 14th 2023 10:34am, by Steven J. Vaughan-Nichols
WithSecure Pours Energy into Making Software More Efficient
Jun 1st 2023 7:14am, by Joe Fay
Don't Force Containers and Disrupt Workflows
May 25th 2023 3:10pm, by Alex Williams
How to Decide Between a Layer 2 or Layer 3 Network
Apr 25th 2023 10:00am, by Gino Dion
Linkerd Service Mesh Update Addresses More Demanding User Base
Apr 11th 2023 6:17am, by Joab Jackson
Microsoft Fabric Defragments Analytics, Enters Public Preview
May 23rd 2023 8:00am, by Andrew Brust
Forrester on WebAssembly for Developers: Frontend to Backend
May 17th 2023 6:00am, by Loraine Lawson
Return of the Monolith: Amazon Dumps Microservices for Video Monitoring
May 4th 2023 7:23am, by Joab Jackson
IBM's Quiet Approach to AI, Wasm and Serverless
May 4th 2023 6:00am, by Loraine Lawson
Cloud Control Planes for All: Implement Internal Platforms with Crossplane
Apr 13th 2023 10:00am, by Bassam Tabbara
The Architect’s Guide to Storage for AI
Jun 1st 2023 7:44am, by Keith Pijanowski
8 Real-Time Data Best Practices
Jun 1st 2023 5:00am, by Jennifer Riggins
Raft Native: The Foundation for Streaming Data’s Best Future
May 30th 2023 9:44am, by Doug Flora
Why the Document Model Is More Cost-Efficient Than RDBMS
May 25th 2023 9:24am, by Rick Houlihan
Amazon Aurora vs. Redshift: What You Need to Know
May 25th 2023 6:27am, by Casey Samulski
Frontend Development Software Development Typescript WebAssembly Cloud Services Data Machine Learning Security
Canva Launches Developer Platform, Eyes Generative AI Apps
Jun 14th 2023 11:00am, by
Dev News: Apollo Drama, Monster API and Mobile App Discontent
Jun 10th 2023 6:00am, by
Vision Pro for Devs: Easy to Start, but UI Not Revolutionary
Jun 9th 2023 9:09am, by
Dev News: A New Rust Release and Chrome 114 Updates
Jun 3rd 2023 9:00am, by
Dealing with Death: Social Networks and Modes of Access
Jun 3rd 2023 6:00am, by
An E-tailer’s Journey to Real-Time AI: Recommendations
Jun 15th 2023 10:41am, by
How Dell's Data Science Team Benefits from Agile Practices
Jun 15th 2023 9:38am, by
The Transformative Power of SBOMs and IBOMs for Cloud Apps
Jun 15th 2023 9:20am, by
Apache SeaTunnel Integrates Masses of Divergent Data Faster
Jun 15th 2023 6:58am, by
Can Companies Really Self-Host at Scale?
Jun 14th 2023 7:47am, by
70% of Devs Using or Will Use AI, Says Stack Overflow Survey
Jun 14th 2023 10:45am, by
Dev News: A New Rust Release and Chrome 114 Updates
Jun 3rd 2023 9:00am, by
Dev News: New Microsoft Edge Tools and Goodbye Node.js 16
May 27th 2023 6:00am, by
Dev News: Angular v16, plus Node.js and TypeScript Updates
Apr 22nd 2023 4:00am, by
This Week in Computing: Malware Gone Wild
Mar 25th 2023 7:10am, by
WebAssembly and Go: A Guide to Getting Started (Part 1)
Jun 12th 2023 5:00am, by
WebAssembly and Go: A Guide to Getting Started (Part 2)
Jun 12th 2023 5:00am, by
How WASM (and Rust) Unlocks the Mysteries of Quantum Computing
Jun 8th 2023 3:00am, by
The Need to Roll up Your Sleeves for WebAssembly
Jun 5th 2023 6:00am, by
Python and WebAssembly: Elevating Performance for Web Apps
Jun 5th 2023 3:00am, by
Managing Kubernetes Complexity in Multicloud Environments
Jun 15th 2023 7:48am, by
3 AI Moves Smart Companies Get Right
Jun 14th 2023 8:41am, by
Amazon Prime Video’s Microservices Move Doesn’t Lead to a Monolith after All
Jun 13th 2023 6:00am, by
Open Sourcing AWS Cedar Is a Game Changer for IAM
Jun 12th 2023 10:00am, by
Dell Intros New Edge, Generative AI, Cloud, Zero Trust Prods
May 31st 2023 11:00am, by
An E-tailer’s Journey to Real-Time AI: Recommendations
Jun 15th 2023 10:41am, by
How Dell's Data Science Team Benefits from Agile Practices
Jun 15th 2023 9:38am, by
Apache SeaTunnel Integrates Masses of Divergent Data Faster
Jun 15th 2023 6:58am, by
Salesforce Officially Launches Einstein AI-Based Data Cloud
Jun 15th 2023 5:00am, by
Can Companies Really Self-Host at Scale?
Jun 14th 2023 7:47am, by
3 AI Moves Smart Companies Get Right
Jun 14th 2023 8:41am, by
Google's DeepMind Extends AI with Faster Sort Algorithms
Jun 13th 2023 12:09pm, by
How to Reduce the Hallucinations from Large Language Models
Jun 9th 2023 7:46am, by
Cybersecurity Pioneer Calls for Regulations to Restrain AI
Jun 9th 2023 5:00am, by
How Apache Airflow Better Manages Machine Learning Pipelines
Jun 8th 2023 3:13pm, by
The Transformative Power of SBOMs and IBOMs for Cloud Apps
Jun 15th 2023 9:20am, by
Salesforce Officially Launches Einstein AI-Based Data Cloud
Jun 15th 2023 5:00am, by
Red Hat Launches OpenStack Platform 17.1 with Enhanced Security
Jun 14th 2023 10:34am, by
Survey Says: Cloud Maturity Matters
Jun 13th 2023 6:20am, by
Open Sourcing AWS Cedar Is a Game Changer for IAM
Jun 12th 2023 10:00am, by
Platform Engineering Operations CI/CD Tech Life DevOps Kubernetes Observability Service Mesh
At PlatformCon: For Realtor.com, Success Is Driven by Stories
Jun 13th 2023 9:31am, by Jennifer Riggins
‘Running Service’ Blueprint for a Kubernetes Developer Portal
Jun 7th 2023 8:30am, by Zohar Einy
Building GPT Applications on Open Source Stack LangChain
Jun 7th 2023 6:58am, by Akmal Chaudhri
Can DevEx Metrics Drive Developer Productivity?
Jun 7th 2023 3:00am, by Jennifer Riggins
SRE vs. DevOps? Successful Platform Engineering Needs Both
Jun 6th 2023 10:53am, by Paige Cruz
Pulumi: New Features for Infrastructure as Code Automation
Jun 15th 2023 9:00am, by B. Cameron Gain
Managing Kubernetes Complexity in Multicloud Environments
Jun 15th 2023 7:48am, by Hemanth Kavuluru
The Risks of Decomposing Software Components
Jun 14th 2023 12:47pm, by Alex Williams
No More FOMO: Efficiency in SLO-Driven Monitoring
Jun 14th 2023 10:00am, by Imaya Kumar Jagannathan
Can Companies Really Self-Host at Scale?
Jun 14th 2023 7:47am, by Jessica Wachtel
What’s Up with OpenStack in 2023
Jun 14th 2023 7:00am, by Kristin Barrientos
Kubernetes Operators: The Real Reason Your Boss Is Smiling
Jun 14th 2023 6:30am, by Ryan Wallner
Is DevOps Tool Complexity Slowing Down Developer Velocity?
May 17th 2023 6:29am, by Heather Joslyn and Lawrence E Hecht
AI Has Become Integral to the Software Delivery Lifecycle
May 12th 2023 11:01am, by Richard MacManus
4 Core Principles of GitOps
May 11th 2023 2:17pm, by Alex Williams
Neil deGrasse Tyson on AI Fears and Pluto’s Demotion
Jun 9th 2023 6:00am, by Loraine Lawson
Can DevEx Metrics Drive Developer Productivity?
Jun 7th 2023 3:00am, by Jennifer Riggins
Donald Knuth Asked ChatGPT 20 Questions. What Did We Learn?
Jun 4th 2023 6:00am, by David Cassel
Dealing with Death: Social Networks and Modes of Access
Jun 3rd 2023 6:00am, by David Eastman
Defend Open Source from Trolls: Oppose Patent Rule Changes
Jun 2nd 2023 6:49am, by Michael Dolan
Kubernetes Operators: The Real Reason Your Boss Is Smiling
Jun 14th 2023 6:30am, by Ryan Wallner
At PlatformCon: For Realtor.com, Success Is Driven by Stories
Jun 13th 2023 9:31am, by Jennifer Riggins
How DevSecOps Teams Should Approach API Security
Jun 12th 2023 6:30am, by Gary Archer
GitLab All in on AI: CEO Predicts Increased Demand for Coders
Jun 9th 2023 8:26am, by Loraine Lawson
Unlocking DevSecOps' Potential Challenges, Successes, Future
Jun 9th 2023 7:40am, by Steven J. Vaughan-Nichols
Managing Kubernetes Complexity in Multicloud Environments
Jun 15th 2023 7:48am, by Hemanth Kavuluru
Kubernetes Operators: The Real Reason Your Boss Is Smiling
Jun 14th 2023 6:30am, by Ryan Wallner
The First Kubernetes Bill of Materials Standard Arrives
Jun 13th 2023 10:48am, by Steven J. Vaughan-Nichols
The Rise of the Cloud Native Cloud
Jun 12th 2023 9:38am, by John Dietz
Deploy a Kubernetes Development Environment with Kind
Jun 10th 2023 7:00am, by Jack Wallen
No More FOMO: Efficiency in SLO-Driven Monitoring
Jun 14th 2023 10:00am, by Imaya Kumar Jagannathan
How Adobe Uses OpenTelemetry Collector
Jun 5th 2023 10:02am, by Susan Hall
Red Hat Ansible Gets Event-Triggered Automation, AI Assist on Playbooks
May 24th 2023 6:22am, by Joab Jackson
Observability: Working with Metrics, Logs and Traces
May 22nd 2023 8:23am, by Jessica Wachtel
Why Upgrade to Observability from Application Monitoring?
May 19th 2023 11:49am, by George Hamilton
Don't Force Containers and Disrupt Workflows
May 25th 2023 3:10pm, by Alex Williams
Linkerd Service Mesh Update Addresses More Demanding User Base
Apr 11th 2023 6:17am, by Joab Jackson
How to Create Zero Trust Architecture for Service Mesh
Mar 27th 2023 7:00am, by Joe Fay
Ambient Mesh: Sidestepping the Sidecar
Mar 1st 2023 8:44am, by Jeff Goldman
Service Mesh Demand for Kubernetes Shifts to Security
Oct 27th 2022 11:04am, by B. Cameron Gain
Networking / Security

What Is Zero Trust Security?

Zero trust is a security model built on central access controls and not trusting everyone in an organization. Discover how this impacts data security today in this article.
Mar 30th, 2022 3:00am by
Featued image for: What Is Zero Trust Security?
Feature image by mohamed Hassan from Pixabay.

Zero trust is a framework for security in which all users of an application, software, system, or network, inside or outside of an organization, must be authenticated, verified, and frequently validated before being granted access to specific data or tools within the company’s network. In the zero trust framework, networks can be in the cloud, hybrid, or on-premise with employees in any location. The assumption is that no users or devices are to be trusted with access without meeting the necessary validation requirements.

In today’s modern digital transformation forward environment, the zero trust security framework helps to ensure infrastructure and data are kept safe, and more modern business challenges are handled appropriately. For example, as the pandemic has evolved, securing remote workers and their access will be of greater importance for organizations that want to scale their workforce. Ransomware threats and attacks are increasing, and zero trust implementation can detect these threats, from novel ones to custom-crafted malware, far before they cause harm.

What Foundation Makes Up Zero Trust?

Zero trust security is built on the architecture established by the National Institute of Standards & Technology (NIST). The NIST 800-207 publication outlines the standard for zero trust procedures and serves as a comprehensive foundation to ensure compatibility against modern attacks, especially in a work-from-anywhere model that most companies use.

As security breaches are rising, federal agencies adhere to the NIST outlined zero trust policies and put vendors and other stakeholders through rigorous demands to ensure compliance. The global zero trust security market is expected to reach, and driving a lot of this growth is the frequency of target-based attacks aimed at taking down cloud-based applications, IT infrastructure components, and endpoint devices, to name a few.

In short, zero trust is built on a couple of principles:

  1. Always verify access for all users across all devices.
  2. By minimizing access, the impact of external and internal breaches is also minimized if they do occur.
  3. Access to resources, systems, software, and applications is determined by the policy and user identification only.
  4. Implementing contextual analysis and collection can help you see behavior patterns across the network and respond quickly.

How Does Zero Trust Work?

Traditional network security follows the “trust but verify” way of thinking and granting access to data and information. Zero trust security follows the “trust no one and verify everything” model of thinking. In the traditional method, users are trusted automatically which puts companies at major risk for attacks and breaches. Companies must monitor and validate user access and establish controls before any access is granted in the zero trust architecture method.

Chart about the importance of just-in-time infrastrcuture access

Sixty percent (60%) of VP level or above executives in Teleport’s 2021 State of Infrastructure Access and Security Report believed it is very important to move towards zero trust architectures. Rank and file security professionals were much more circumspect. (Blame IT and Security, Not End Users, for Password Problems)

With zero trust security, email is secure, and data is encrypted. Multifactor authentication (MFA) or two-factor authentication (2FA) are incorporated into the organization’s security policy, ensuring endpoints and applications are connected and secure appropriately. Identity access management (IAM) is another form of zero trust in which some of these systems, including single sign-on and privileged access management are implemented.

In a remote workforce environment, it is essential to ensure employees, freelancers, vendors, clients, and contractors have the proper access to the correct information in the right way and at the right time. If you’re granting access at face value to people working within or outside your company, you could be putting your company at risk for severe breaches. IT teams in remote-first or remote-hybrid work environments must be prepared to verify and validate users and devices with automated policies that can work even when they are not at their desks.

Real-time visibility also impacts zero trust policy implementation. Organizations with hundreds of users and applications require geolocation monitoring, endpoint function knowledge, device credential privileges, incident detection, software versioning, and user identity credentials.

Chart of priorities driving IT.

According to a survey of IT and information security workers in the US federal government, the desire to secure IoT and edge devices is driving zero trust is particularly high at intelligence agencies (e.g., NSA, CIA). Meanwhile, civilians in the government are more likely to believe zero trust is about with the government more likely to believe zero trust is about protecting data and preventing a breach.

Why Zero Trust Matters

Virtual Private Networks and firewalls might still be relevant but are slowly becoming a thing of legacy. With so much information being accessed in the cloud, the on-premise perimeter approach to securing data and applications is less effective than it was just a decade or two ago.

Zero trust matters because it provides a solid and robust protection cap against a range of cyberattacks and ransomware and malware attacks that exist in exponential numbers today. It can be costly and time-consuming for the modern enterprise to lose data, assets, and identities for the modern enterprise.

With zero trust implemented, companies can accomplish the following:

  • Improve real-time visibility into all their cloud, hybrid, and on-premise environments.
  • Protect data, applications, devices, and networks from cyberattack infiltration.
  • Minimize the risk of data and security breaches.
  • Decrease the time it takes to detect and respond to an attack.
  • Continuously monitor components, users, workloads, and devices across multiple environments.
  • Build a consistent user experience for internal and external employees and contractors.

Bottom Line: Zero Trust Today

Today, no single security strategy works for every organization. Developing a customized, comprehensive policy that works in every scenario and for every user and device is imperative. Applying access policies prevent employees from accessing private or sensitive information and keeps relevant information secure and accessible to the right people in the proper environments.

To learn more about zero trust security, discover what zero trust network access is and how zero trust models work in container security.

Group Created with Sketch.
SHARE THIS STORY
RELATED STORIES
The Cloud Native Landscape: Observability and Analysis Security Teams Need a Higher Appetite for Risk How Zero Trust Models Work in Container Security Why Access Management Is Step One for Zero Trust Security What Do Authentication and Authorization Mean in Zero Trust?
TNS owner Insight Partners is an investor in: Teleport, Real.
RELATED STORIES
Shift Left: How Security Pros Should Prepare Developers for DevSecOps Why Cloud Native Systems Demand a Zero Trust Approach The Cloud Native Landscape: Observability and Analysis Why Access Management Is Step One for Zero Trust Security How to Fight Kubernetes Complexity Fatigue
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.