OIS Zero Trust Solution

Introduction

The Zero Trust Solution is a network security strategy based on the principle of "never trust, always verify." This approach mandates strict identity verification and authorization for every resource access attempt, regardless of whether the access is internal or external. Through multi-factor authentication, least privilege access, micro-segmentation, and continuous monitoring, Zero Trust effectively prevents unauthorized access, data breaches, and cyberattacks, enhancing overall security.

What is Zero Trust?

The Zero Trust concept was introduced in 2010 by John Kindervag, VP and Principal Analyst at Forrester Research, recognizing that traditional security models assumed trustworthiness within corporate networks. Zero Trust, in contrast, presumes no inherent trust, both inside and outside the network. All users, devices, and applications must be verified, authorized, and continuously monitored before accessing network resources.

  • In 2019, Gartner identified Zero Trust as a core element of Secure Access Service Edge (SASE) solutions.
  • In 2020, NIST released the "NIST SP 800-207 Zero Trust Architecture" standard document.

Core Principle

  • "Never Trust, Always Verify"
  • Zero Trust is not a technology or product but a security practice.

Implementing Zero Trust Architecture

  • Identify the protection scope
  • Track traffic across sensitive data transactions
  • Define Zero Trust architecture for each micro-perimeter
  • Implement automation, monitoring, and maintenance

Product Features

  • Built on the principles of SP800-207 to offer a complete solution
  • Uses AAL3 high-security authentication hardware
  • Integrates TPM or device certificates with EDR to monitor device health
  • Applies a software-defined perimeter for micro-network management
  • Leverages XVR to analyze device and user behavior for real-time trust insights
  • Dynamically controls access rights based on trust inference

Benefits

  1. Enhanced Security: Continuous verification and micro-segmentation prevent lateral movement and threat spread.
  2. Risk Reduction: Multi-factor authentication and monitoring reduce internal and external threat risks.
  3. Remote Work Protection: Dynamic access control and device checks ensure remote work security.
  4. Compliance Management Simplification: Meets regulatory requirements for data protection.
  5. Reduced IT Workload: Automated security responses reduce the burden on IT teams.
  6. Lower Breach Costs: Multi-layer protection limits attack scope, reducing damage and remediation costs.

Applicable Objects

Zero Trust solutions are suitable for various organizations and industries, especially those needing to protect sensitive data and maintain high security.