Video: Zero Trust Endpoint Protection Q1

What is zero trust, in reality?







VIDEO TRANSCRIPT

So we're going to start off with the first question, which is fairly general, just to get the ball rolling, and it is: what is zero trust in reality? And we're going to start with Greg for this one, so over to you, Greg.

Sure. Well, a, uh, a general, uh, question requires a general answer. So the zero trust, in my view, is where you, everything could be anywhere. So you don't care what device people are on, you don't care what network people are using, you don't care where they are. They should be able to do whatever they need wherever they are, and if they're authorized, they can do exactly what they need to do, and that's it. So they can't go and elevate themselves to do extra work, and that's particularly scary with administrators, because administrators tend to have very wide-ranging access, and you see a lot of scope creep where they can do things that they shouldn't. So zero trust says that administrator should do exactly what they need to do at the time that they're doing it as well. So, and the way that you think of that is more like a, if you're a cloud provider, if you log into a Gmail or an Azure portal or something like that, that's all you get to do. You don't get to see other clients, you don't get to see other things. You can do what you're allowed to do.

Brilliant, okay. Michael, would you like to expand on that one?

Yeah, absolutely, and look, at the outside, I like the fact that this question is "what is zero trust in reality", because, uh, you know, zero trust is kind of two different things. There's the academic, theoretical side, which, if you want a really good starting point, actually NIST's Special Publication 800-207 is a pretty good foundation point on understanding a bit about the theoretical side, and understanding that zero trust at its core is really a reference architecture. It's very much a paradigm shift, which really pushes the notion or the principle of least privilege, which I think many security professionals are already sort of somewhat familiar with, but it's really a stripping back and understanding that we start from not having any notion of trust to begin with, and we build upon that. So we start off with this notion of least privilege.

In reality, where we find ourselves today in terms of the tactical elements of zero trust, in my opinion, are that we've got a lot of vendors who are, you know, throwing the word zero trust out there and perhaps aren't kind of, you know, totally hitting in that, you know, they're heading in the same direction, but it's very much that sort of aspirational aspect of ending up where we want to be. For me, zero trust, uh, is often, it comes down to that, the castle and moat kind of conversation, where we've often viewed our IT environments as being, um, you know, there's very much a perimeter, and we have this notion of an internal part of the network and an external part of the network. And of course, we apply this zero trust thinking, we really are knocking that perimeter down and understanding that, um, we've got to be a lot more granular, a lot more focused on understanding how things are moving through the network, regardless of the physical location or the network location of particular assets, um, or users in the system.

All right, Andrew.

Yeah, some great answers there, and just to, I guess, complement that a little bit, I would say one, I think, really good way to think about zero trust is to think about the word assumption. It's kind of, the element is to avoid assumptions of implicit trust, you know, avoid catastrophic events or get to a zero level event where trust was involved and we didn't, you know, imply that someone would do what they should do, or an object on the network was only doing what it should do. But the flip side of that is also changing the inflection of assumption to mean that we should assume that we will be breached, and therefore going to plan beyond that factor. And I think that kind of leads into a little bit more of that reality of how to go about doing this, is not only a strategy that we can pull towards and kind of drive some of our decision making and optimize some of the, uh, the cost centers we have around security, uh, but it's also that method of saying, well, if we're gonna be breached, or we assume it's going to happen if it hasn't happened already, how can we go about containing the impact of that so it doesn't become one of those catastrophic events? And I think that that shift, and any solutions that you're looking at or any programs that you're embarking on in your cyber security strategy, if they kind of follow under that banner, then you know that you're going to have a real, you know, return on that, and you're going to have a real effect and impact on that, because it's going to happen, but we can contain the impact of blast radius as that. So I think in reality, that's what zero trust is really about: containment.