What is zero trust architecture, and why do you need it?

By Sidsel Loyche - 29 Jul, 2022
IAM

As we quickly and constantly improve the digital everyday life around us and within our hybrid work environment, we will also encounter more developed and sophisticated threats to the organisation that can be impossible to predict, difficult to contain, and costly to remediate.

Since 2019 the UK’s National Cyber Security Centre (NSCS) has recommended that Enterprise architects consider a ‘zero trust’ approach to IT architecture. Zero trust architecture derives its name from its core assumption that the network is already compromised and cannot be trusted. Instead, trust is established at application layer, within encrypted sessions between mutually authenticated endpoints. Consequently, the security of the session does not rely on the presence of a trusted network. Instead, it relies on the integrity of the endpoint and user identities.

 Planning your zero trust strategy
  • A full inventory and understanding of the user types and roles within your company and the processes concerned with the registration and maintenance of the most authoritative sources of information, such as the human resources and customer relationship systems, and the privileges accorded to those user types and roles needed to grant access to services.
  • An IAM solution that can create and maintain the single strong source of identity based on the authoritative sources of information, authenticate users, and authorise access or provision authorisation information to services.
  • An Enterprise applications and networking architecture that can provision access to services based on authenticated and authorised user identities, and other contextual or compliance information, such as machine health; with the network focussing on connecting users to services, efficiently and effectively, and the IAM solution on security policy enforcement.
About Able+

Able+ is an IAM solution that transforms user productivity by enabling simple and secure single sign-on access to applications and services using corporate or social identities. It’s also an identity governance & administration (IGA) solution that makes it easy to align your IAM with organisational policies and processes. The powerful workflow engine and visual workflow editor can bring together different sources of identity data to create a single source of truth. Delivered as a managed service, Able+ can be operated from your choice of public cloud, private, or hybrid infrastructure.

Learn more

Watch our video below or  book a consultation to find out if Able+ is the right IAM solution for you

 

Author: Sidsel Loyche

ISO-IEC 27001 certification
Cyber essentials
Microsoft partner
aws

About us

New Era Technology's managed services, cloud, collaboration, data networking, security solutions help more than 20,000 worldwide customers adapt to a rapidly changing digital world, increase productivity and enhance learning experiences.

 

Stay in touch

Email us to get interesting news and updates delivered to your inbox.