An Introduction to Zero Trust

October 19, 2020

No single product or vendor can provide you with an end-to-end zero trust solution. In this video, Jerry Chapman explains that we can help you integrate the various components, break down silos and create an effective zero trust architecture.


Hi, I'm Jerry Chapman - I'm a technical director in the identity and data management practice. I'm also a Forester certified zero trust strategists. So the question I get is what is zero trust? Zero trust really is a modern security model that takes the least privileged mode of security and updates that, and creates a more of a trust, nothing, and create an earned trust type of environment. And then finally, it's, it's micro perimeters, not micro-segmentation where you're taking a subnetting off your, your, your network. It's about creating a micro perimeter about your, around your resources and your assets within your environment. So the next thing I get a lot of conversation around is Y zero trust. The first thing, when you think of why zero trust need to consider the legacy perimeter, well, the legacy perimeter is gone. We're not there anymore where we're really in the cafe style network. So you don't have trusted networks that were sitting on.


The second piece is around cloud adoption. Cloud adoption really, really focuses on getting into, into the cloud. But when we do that, wherever we're really increasing our, our threat landscape, adding vulnerabilities and creating more complexity to our, our infrastructure. And then the third piece is data and data growth. Just the exponential growth of data in our environment just causes. We really have to protect that more and really need to spend more time around that. So getting to a zero trust framework may seem complex, but it's actually easier when you consider the sum of its parts here at Optiv. We've got four core principles that we think about with zero trust. First, establishing a micro perimeter around the asset. Secondly, establishing a secure context or identity-based context to the resource, third, creating secure or enhanced security for that asset. For example, multifactor authentication, biometrics, or anything like that, that enhances or steps up with indication to the, to the asset.


And then finally continuously reviewing the identity and the secure connection to the asset. So not a single solution or a single vendor is going to provide you as your trust environment or a zero trust architecture. You really have to use multiple vendors, use a, an Optiv as an SSI to help integrate these components, to break down those silos and to create that zero trust architecture. And finally, zero trust is a journey. It's an evolution. It's a continuous process. Optiv can help you go down this path to get you to zero trust. Well, thank you for your time today. Hope you got a lot out of this and stay tuned for future zero trust videos.