Today’s enterprises are embracing cloud technologies – and the dynamic business models that they enable – on an unprecedented scale. They’re supporting remote and geographically distributed workforces. They’re striving to provide new products and services at revolutionary speed. And they’re seeking cost and efficiency advantages that only the cloud can offer. As a result, they need to apply new paradigms when thinking about how to secure these environments.
Zero Trust is a radically different way of thinking about security architectures. Instead of relying on perimeter-based defenses to police an internal “trusted” zone where network traffic and entities are deemed safe, Zero Trust principles consider everything and everyone to be untrustworthy. Thus, every single user, device or application must prove who they are and why they need privileged access to a resource.
As a paradigm, Zero Trust consists of three core tenets:
Least privilege ensures that users only gain access to the specific tools they need to complete a task.
Zero Trust grants access on a “time-limited” basis, so access is automatically removed after a given period.
Zero Trust gatekeepers evaluate a user requesting access based on their identity profile and grants or denies access. Fine-grained entitlements allow the gatekeeper to grant precise access.
Zero Standing Privilege means that no user will ever be able to bypass the gatekeeper. It’s crucial that no user ever has standing privilege based on location or device.
Zero Standing Privilege (ZSP) is a means of applying Zero Trust principles to problems in privileged access management. Originally coined by the analyst firm Gartner, ZSP means that instead of granting administrative privileges to accounts on a permanent basis, users, devices or services are granted access to privileged resources for a limited time only, on the basis of need. Each access request is decided according to predetermined policies or criteria based on behavioral analytics. ZSP is an example of a Just-in-Time access model.
Adhering to the Zero Trust paradigm means that whenever privileged access is granted, it’s granted for a limited time only, and is intended to be just enough access for the task at hand. Zero Trust combines ZSP with intelligent context-based decision making that takes place every time a user or application submits an access request. It enables organizations to secure identity as the new perimeter and prepares them to defend modern infrastructures against today’s threats.
Saviynt’s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The platform brings together identity governance (IGA), granular application access, cloud security, and privileged access (PAM) to secure the entire business ecosystem and provide a frictionless user experience. The world’s largest brands trust Saviynt to accelerate digital transformation, empower distributed workforces, and meet continuous compliance, including BP, Western Digital, Mass Mutual, and Koch Industries. For more information, please visit saviynt.com.