5 Common Myths and Surprising Truths about Zero Trust

The zero trust security model seems to be on everyone’s lips these days. The reason for this is the global evolution in the way we perceive cyber security – we move away from building walls around key assets and choose to be smart and proactive about their protection. This is made possible by focusing on data as security leverage and it has been the core of the entire zero trust concept.

However, there’s still an aura of mystery surrounding zero trust, an underserved image of secrecy (of sorts) that goes perfectly in line with its mission statement to “never trust and always verify”. In the following article, we will dispel at least five most common myths about the zero trust architecture while sticking with some less known truths about this important piece of today’s security puzzle.

1) Zero trust is not a product, but a model

This is a common misconception that has surely overstayed its welcome. Zero trust cannot be bought at a store and you cannot, for example, combine access control and an identity management policy to transform these into a full-blown zero trust implementation.

Based on this, zero trust can be best described as a collection of security principles that are implemented under the umbrella of a specific zero trust network architecture. These needs to be further supported by an implementation of adequate zero trust policies. It is more of a “philosophy”, as long as your security model involves the minimization of the attack surface, verification in every instance, and the elimination of the reliance on the old-fashioned privilege-based security model.

To fully benefit from the zero trust implementation, you will have to reorganize your entire approach to data organization and classification, methods of contractor and vendor authorization, and the mapping of key assets on the network. This is why zero trust is a bottom-up approach in which even non-security systems need to be aligned with its core goal.

2) Zero trust serves both larger and smaller organizations

Back in the day, the story of zero trust as a new security model was mostly heard from the mouths of big corporate players, such as Google. This sowed the seeds from which a misconception grew that zero trust is an expensive, complex, and hard-to-implement model suitable only for larger organizations. In reality, this statement would only work if the data breaches were confined to larger corporations, which hardly reflects the actual statistics.

On the contrary, we can see that some 43% of cyber-attacks target small businesses, with 60% of them going out of business following these attacks. No, zero trust is not aimed at large businesses simply because smaller organization are exposed to the same cyber threats. The fact that they tend to go out of business following these attacks only shows that small businesses lack sufficient resources to recover from cyber-attacks that bigger players have.

Also, since zero trust is not a product (see above), its implementation can be introduced gradually, which is a boon for smaller organizations that do not want to break the bank. With it, even modest yearly investment in zero trust model implementation can prevent your firm from suffering potential business-breaking damage in the future.

3) Zero trust implementation hurts network availability

The zero trust security model was born out of the notion that we have to do away with the presumption that internal network traffic is secure by default. With this newfound focus on network-wide security that goes beyond the external perimeter, it was easy to (wrongly) assume that zero trust will somehow hurt the network availability across the organization.

In reality, keeping the same level of watchfulness over the internal component of the network security actually gives you more insights into how the traffic operates on your network. In addition, you can increase the visibility of each user on it.

At the same time, the application of the zero trust model puts focus on security, which, by definition, secures the very assets that exist on a network. Instead of having to move these assets all the time and burden the system with additional internal controls, the zero trust model allows you to manipulate key assets more freely and efficiently, simply because you know that their security could not be compromised in the first place.

4) Zero trust provides for poorer user experience

Lay your fears to rest, the zero trust model does not bog down the resources you need in interacting with your employees or clients. In fact, it operates pretty seamlessly if it is implemented organization-wide. This means that everything, from a single app to a workflow will have to bow down to it for it to work properly.

First of all, your employees or contractors will no longer present a security liability for you once they decide to quit doing business with you. Their access to key assets will be terminated immediately, instead of leaving potential access back doors and weak points.

Another key point is the elimination of the practice of being overburdened with authentication requests at lower levels. As these requests usually entail frequent access to assets by low-risk user profiles, getting them out of the picture will actually improve your user experience and efficiency on account of the lower overall complexity of this new security model.

5) Zero Trust Is On-Site Only?

A zero trust implementation exists as an on-site deployment, yes, but it can be easily applied to the cloud or hybrid systems as well. This is because the cloud has become a part of a virtual attack surface that can be exposed to dangerous cyber-attacks.

There is nothing preventing you from setting the boundaries of your zero trust area to the cloud, as long as you adapt your network controls to this specific environment. One of these approaches means going for cloud-based security as part of your zero trust strategy. You can also minimize the attack surface by defining contexts in which the users have access to cloud-based resources.

In conclusion

So, zero trust means that you are not…trusting enough? Going back to what we said above, zero trust is best understood as a journey on the path to better security and not an overnight solution to an array of problems. Yes, it is based on the principle that everything needs to be verified, but this does not imply that your organization has suddenly become too suspicious or paranoid. It is simply a reflection of harsh realities in today’s cyber world.

Zero trust seeks to remove the trust-based system from the security equation simply because it got exploited all too often in much-publicized accidents. Trust is a highly personal and human notion and, as a security asset, it comes with too many unpredictable variables.

Instead of this, the zero trust model recognizes that wide-scale networks of today are hostile places, and pretending that the past two decades of security incidents never happened means inviting yet another data breach as a costly affair that hurts one’s reputation and finances.

News Related

OTHER NEWS

Google Docs will now really let you stamp your mark on your work

Making sure your work gets the respect it deserves will soon be a lot easier in Google Docs thanks to a new privacy tool coming to the service. The word ... Read more »

LG's 65-inch C1 OLED TV drops to record-low price just ahead of the Super Bowl

The big game is just weeks away, and if you’re looking to snag an epic Super Bowl TV deal on a stunning display, then you’re in luck. We’ve just spotted ... Read more »

MWC 2022 cancellations: which brands will be at this year's show?

Mobile World Congress is the largest mobile technology show in the world, and its next iteration is set to take place in Barcelona at the end of February. That’s despite ... Read more »

Samsung Galaxy Buds Pro vs Apple AirPods Pro: the noise-cancelling earbuds compared

The Samsung Galaxy Buds Pro arrived in January 2021, following months of leaks and rumors – and with active noise cancellation and 3D audio support, they’re a serious rival for ... Read more »

Norton antivirus features comparison: what you get with Norton plans

Norton has a range of products from basic antivirus to full-featured internet security suites, offering plenty of options for buyers to ensure they can get the right package for their ... Read more »

EU antitrust regulators set new date for decision on Nvidia's Arm deal

EU antitrust regulators have resumed investigation of Nvidia‘s deal for British chip designer ARM, setting a new deadline of May 25 for their decision, a European Commission filing showed. The ... Read more »

New Pokémon Legends: Arceus trailer rounds up its original features

Nintendo released a new trailer for Pokémon Legends: Arceus ahead of the game’s launch later this week. The 6-minute ‘overview trailer’ gives a roundup of the game’s main features and ... Read more »

Twitter's Instagram-like feature ‘leaks' again, this is what the new details tell

Twitter has reportedly been working on a new feature that will allow users to create a list of people that can see their certain Tweets. This means that certain tweets ... Read more »

The cheapest Oculus Quest 2 price and deals in January 2022

It’s still tough to find any truly excellent Oculus Quest 2 deals over a year after launch. The VR headset has held firm with its $299/£299 price point over the ... Read more »

Twitter says record number of demands from governments to remove content, these two countries lead

Twitter said governments around the world made requests to remove content from a record number of user accounts between January and June last year, in data to be released by ... Read more »

Highams Park: Children among 19 injured in London bus crash

Five people were taken to hospital after a bus ploughed into a building in London on Tuesday. (PA) Three children and two adults were taken to hospital after a double ... Read more »

Tesla may be about to super-charge its EV Superchargers

Tesla’s Supercharger charging network is one of the automaker’s most visible products, and one of the key ways it differentiates its products while also making them easier to live with ... Read more »

Automation is bringing brick-and-mortar retail into the 21st century

It’s hard to overstate the value of data-driven solutions in the retail space, and even more so when it comes to the future of store automation. For retailers, in-store automation ... Read more »

Voices: So now a Tory MP is attacking a local newspaper – how low can they go?

Marson’s constituents are perfectly entitled to ask what she thinks about a scandal which has dominated the news for weeks now (UK Parliament) Is Tory MP Julie Marson’s venomous attack ... Read more »

Fight Club given a new ending in China where authorities win

Fight Club given a new ending in China where authorities win The ending of David Fincher’s 1999 film Fight Club has been changed in China. The film featuring Helena Bonham ... Read more »

Middlesex chairman facing backlash for 'outdated' claim 'black people don't like cricket, they like football'

Middlesex chairman Mike O’Farrell The racism furore in county cricket has reignited after the chairman of Middlesex expressed “outdated” stereotypes on why cricket is failing to nurture black and Asian ... Read more »

Mini joins the EV restomod craze with reversible conversions

During the past few years, there’s been a flurry of electrified classic vehicle unveilings from newly launched independent firms, such as , , and , as well as an array from automotive giants. The ... Read more »

GPU stock could soon improve – and get much better from mid-2022

Graphics card stock levels could improve in the near future, and the overall situation might improve markedly as the second half of 2022 rolls around, going by the latest from ... Read more »

Nvidia preparing to walk away from Arm acquisition: Report

Nvidia Corp is preparing to abandon its purchase of Arm Ltd from SoftBank Group Corp after offering about $40 billion for the British company in 2020, Bloomberg News reported on ... Read more »

Weird PS4 trophies error adds fuel to the PS Game Pass rumor fire

A strange PlayStation error saw users lose any and all PlayStation 4 trophy progress. What’s more, it also removed the games’ names and labelled them as being for the PlayStation ... Read more »

Microsoft Excel is making a big change to protect against malware

Excel 4.0 (XLM) macros are now disabled by default, Microsoft has confirmed. In a Tech Community blog post, the company revealed that the change has been made to better protect ... Read more »

How to use the Uncharted: Legacy of Thieves Collection PS5 upgrade offer

Uncharted: Legacy of Thieves is just around the corner, where the two latest games in the series will see a remaster for the PS5. After a long wait, the PS5 ... Read more »

Up to 22,500 archaeological sites under threat from climate crisis, experts say

Experts have warned over how the climate crisis could affect artefacts in peatland areas (Getty Images/iStockphoto) Around 22,500 archaelogical sites in the UK are threatened by the climate crisis, which ... Read more »

How to log in to Microsoft Teams

Microsoft Teams is one of several video conferencing tools to have taken the world by storm over the last two years. Along with the likes of Google Meet and Zoom, ... Read more »

Smartron Group secures up to $200 million capital commitment from GEM Group

Tech company Smartron on Tuesday said it has signed an agreement with Global Emerging Markets Group (GEM), wherein the alternative investment organisation will provide a share subscription facility of up ... Read more »

Microsoft reportedly working on redesigned Outlook app with more features

With the recent updates, Microsoft has started to roll out redesigned native apps for more Windows 11 users. The new design of the apps were first teased by the company ... Read more »

MSI Raider GE76 2022 review

For years, the MSI Raider GE76 has been a great gaming laptop for showcasing what the latest mobile hardware from Intel and Nvidia is capable of. And now, in 2022, ... Read more »

PowerPoint is being used as a lure to spread malware

Threat actors are increasingly turning towards Microsoft PowerPoint files to distribute different types of malware. New Netskope research found that since the end of 2021, numerous hacking groups started using ... Read more »

Smart devices can now read your mood and mind — they shouldn't without consent

While waiting to board a plane on a recent trip out of town, an airline staff member asked me to momentarily take off my face mask to allow the facial ... Read more »

IMF lowers 2022 growth outlook for S. Korean economy to 3 pct

SEOUL, Jan. 25 (Yonhap) — The International Monetary Fund (IMF) on Tuesday slashed its economic growth outlook for South Korea this year to 3 percent from 3.3 percent amid the ... Read more »

China introduces state-backed NFT platform unlinked to cryptocurrencies

China’s state-backed Blockchain Services Network (BSN) on Tuesday announced a soft launch of a nationwide infrastructure to support Chinese non-fungible tokens (NFTs), marking a key step towards creating a domestic ... Read more »

Amazon Fire TV Stick deals plummet to Black Friday prices

Amazon has reduced the prices on its excellent Fire TV Stick range of streaming devices down to Black Friday levels today. First up, the standard 3rd-generation Amazon Fire TV Stick, ... Read more »

Meta poaches engineering manager from Apple Car project

The Apple Car project may have lost another key team member as its head of software engineering departs for Silicon Valley rival Meta (formerly known as Facebook). As reported in ... Read more »

Ford to pause 2022 Maverick orders until summer to meet soaring demand for $20K pickup

DETROIT — Ford Motor Co. will temporarily stop accepting all orders on its all-new 2022 Maverick compact pickup truck – both hybrid and gasoline versions – until summer, the automaker ... Read more »

How to use your Xbox Series X controller on PC

The latest and greatest Xbox consoles, the Xbox Series X and Xbox Series S, launched with a new take on Xbox controllers. Although they may look similar to the controller ... Read more »

Full Sue Gray report into Downing Street parties delayed by police investigation

Sue Gray is handling the inquiry into the growing numbers of reports (PA/Gov) The full report by senior civil servant Sue Gray into alleged lockdown parties held in Downing Street ... Read more »

Covid: ‘Stealth Omicron' variant spreading in UK and Scandinavia

Nightlife guests crowd in front of the “Rumors” Nightclub on Noerregade street in Copenhagen (Ritzau Scanpix/AFP via Getty Images) More than 400 cases of the new BA.2 variant nicknamed “stealth ... Read more »

Jacob Rees-Mogg defends Boris Johnson: 'He's got all the big calls right'

Jacob Rees-Mogg has defended Boris Johnson in light of the latest 'partygate' claims, saying the prime minister has got “all the big decisions right”. The House of Commons Leader made ... Read more »

Neuralink: Ready for chips in your brains? Talking Tech podcast

Hit play on the player above to hear the podcast and follow along with the transcript below. This transcript was automatically generated, and then edited for clarity in its current ... Read more »

Asus to soon launch the ROG Phone 5s in India: Expected specifications, features and more

After launching the ROG Phone 5s series smartphones last year globally, Asus is gearing up to launch the smartphones in India. The company has already started extending the press-briefing invite, ... Read more »
On free-english-test.com you will find lots of free English exam practice materials to help you improve your English skills: grammar, listening, reading, writing, ielts, toeic