The Zero Trust (ZT) architecture is a modern concept shaping cybersecurity in the public and private sectors. The growing use of SaaS applications, migration to cloud-based architecture, a rising number of remote employees, and bring-your-own-device (BYOD) have rendered perimeter-based security obsolete. The concept of a network perimeter where those outside of the enterprise's control are malicious and insiders are trustworthy — is no longer a viable approach to cybersecurity.
How secure is your user access to AWS infrastructure and workloads? Security to protect every user’s access to apps, endpoints and infrastructure when moving to the cloud is a hot topic. AWS’ shared responsibility model means that security and compliance is just that, shared between AWS and the customer.
When it comes to controlling logins and privileges on Unix/Linux servers, Centrify’s philosophy is aligned with modern NIST recommendations, as opposed to traditional vendors whose solutions are centered around a Password Vault. Centrify believes users should login directly as themselves and elevate privileges granularly as needed and authorized.
Compromised credentials are a leading cause of security breaches. According to Verizon’s 2015 Data Breach Investigations Report, 95% of security incidents involved stealing credentials from customer devices, and using them to web applications. So many stolen credentials are available to hackers, generally on the Dark Web, that passwords are no longer effective.
Late last year, the government’s Commission on Enhancing National Cybersecurity published a detailed report, at President Obama’s request, to provide short- and long-term recommendations to strengthen cybersecurity in the public and private sector (you can read the full report on the NIST website).