Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 400 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Optiv Cybersecurity Dictionary
Zero Trust is an information security model based on the principle of maintaining strict access controls by not trusting anyone or any action by default, even those already inside the network perimeter. Each transaction is evaluated for need and risk.
Created in 2010 by John Kindervag (then a principal analyst at Forrester Research), Zero Trust Network (ZTN), or Zero Trust Architecture (ZTA), is centered on the belief that an organization shouldn’t automatically trust anything inside or outside its perimeters. Instead, it must verify anything and everything trying to connect to its environment before granting it access. In other words, all access to IP addresses, machines, etc. is cut off to any given user until the system can identify and authorize that user.
This model combines network and application micro-segmentation with identity and access management (IAM) platforms to verify access and authorization. It also allows for more granular access control and machine/application-specific policies.
The Zero Trust mindset is the antithesis of a hardened perimeter around unfettered internal access. The old ways of thinking (ivory tower and gatekeeper’s mentality) had organizations focused on a perimeter defense that assumed everything in the tower had permission and didn’t pose a threat. The “tower,” however, is no longer simple and siloed. Organizations don’t have corporate data centers serving a contained network of systems anymore. Instead, it’s a mix of on-premises and cloud networks with users (employees, customers and partners) – accessing all types of applications from various devices in multiple locations around the globe.
Zero Trust relies on several technologies and governances, including micro-segmentation and user-based granular perimeter enforcement (locations and other data), to determine whether to trust a user, machine or application seeking access to a particular part of the enterprise. For example: Who is Joe? Is it really him? What endpoint is he coming from, and is it secure? Moreover, should there be a rule around this access? Do we need to create a conditional policy around access to certain information? To do this, Zero Trust employs multi-factor authentication, IAM, orchestration, analytics, encryption, scoring and file system permissions. It also calls for governance policies such as “least privilege,” which affords users the least amount of access they need to accomplish a specific task.