Tag: zero trust
-
Handbook: Zero Trust Principles
In the 2010s, the cybersecurity community was introduced to the concept of zero trust, the idea that implicitly trusting remote systems might be a … bad idea. John Kindervagt coined the term while at Forrester Research, although practical applications were developed in parallel elsewhere. In response to the breaches from Operation Aurora, Google implemented its…
-
Zero Trust in Administration
CrowdStrike, Windows domain administration, SolarWinds — our implicit trust in admin software is a recipe for repeated disasters. The most unsafe part of our technology ecosystem isn’t the number of unpatched systems we have. Nor is it shadow IT, whether it’s homegrown software or the burgeoning bring-your-own-SaaS ecosystem. The shared responsibility model, and the impossible complexity of safely configuring systems…