Zero Trust imhando yekuchengetedza yakagadziriswa neyaimbova Forrester muongorori. mugore ra2010. Kubva ipapo, iyo zero yekuvimba modhi yave iyo inonyanya kufarirwa pfungwa mucybersecurity. Munguva pfupi yapfuura kutyora kukuru kwedata kunongoratidza kukosha kwemakambani kubhadhara zvakanyanya kucybersecurity, uye iyo Zero Trust modhi inogona kunge iri nzira kwayo.
Zero Trust inoreva kusavimbika kwakazara mune chero munhu - kunyangwe vashandisi mukati meiyo perimeter. Iyo modhi inoreva kuti mushandisi wega wega kana mudziyo unofanirwa kuonesa magwaro avo pese pavanokumbira kuwana chero sosi mukati kana kunze kwetiweki.
Verenga kana iwe uchida kudzidza zvakawanda nezve Zero Trust chengetedzo pfungwa.
Iyo Zero Trust pfungwa inoshanda sei
Iyo pfungwa yeZero Trust yakashanduka kuita nzira yakazara kune cybersecurity inosanganisira akawanda matekinoroji uye maitiro. Chinangwa cheZero Trust modhi ndechekudzivirira kambani kubva kumazuva ano cybersecurity kutyisidzirwa uye kutyora kwedata, ukuwo uchiwana kuteerana nedziviriro yedata uye kuchengetedza mitemo.
Ngationgororei nzvimbo huru dzeZero Trust pfungwa. Forrester inokurudzira kuti masangano atarise poindi yega yega kuvaka yakanakisa zero trust zano.
Zero Trust Data: Yako data ndiyo iri kuedza kubiwa nevanorwisa. Saka zvine musoro zvachose kuti mbiru yekutanga yeZero Trust pfungwa ndeye . Izvi zvinoreva kukwanisa kuongorora, kuchengetedza, kuisa mumapoka, kutarisa uye kuchengetedza kuchengetedzwa kwebhizinesi rako data.
Zero Trust Networks: Kubira ruzivo, vanorwisa vanofanirwa kukwanisa kufamba mukati metiweki, saka basa rako nderekuita kuti maitiro aya ave akaoma sezvinobvira. Segment, patsanura uye udzore ma network ako nehunyanzvi hwepamberi senge chizvarwa chinotevera firewall akagadzirirwa chinangwa ichi.
Zero Trust Users: Vanhu ndivo vanonyanya kusimba chinongedzo muchirongwa chekuchengetedza. Dzimisa, tarisa uye nyatso simbisa misimboti yekuwana mushandisi kune zviwanikwa mukati metiweki neInternet. Gadzira maVPN, maCASB (makore ekuwana kuchengetedza mabhureki), uye dzimwe nzira dzekuwana kuchengetedza vashandi vako.
Zero Trust Load: Izwi rekuti basa rekuita rinoshandiswa nekugadzirisa zvivakwa uye zvikwata zvekushanda kureva iyo yese application stack uye backend software inoshandiswa nevatengi vako kusangana nebhizinesi. Uye zvikumbiro zvemutengi zvisina kuvhurwa zvakajairika kurwisa vector inoda kuchengetedzwa kubva. Funga nezvese tekinoroji stack-kubva kune hypervisor kusvika kune yewebhu kumberi-sekutyisidzira vector uye chengetedza ne zero trust maturusi.
Zero Trust Devices: Nekuda kwekusimuka kweInternet yezvinhu (mafoni, smart TV, vagadziri vekofi vakangwara, nezvimwewo), huwandu hwemidziyo inogara mukati metiweki yako yakawedzera zvakanyanya mumakore mashoma apfuura. Midziyo iyi zvakare inogona kurwisa vector, saka inofanirwa kupatsanurwa uye kutariswa senge chero imwe komputa pane network.
Kuona uye analytics: Kuti ubudirire kuita zero kuvimba, ipa zvikwata zvako zvekuchengetedza uye zvekupindura zviitiko nemidziyo yekuona zvese zviri kuitika panetiweki yako, pamwe neanalytics kuita pfungwa yezviri kuitika. uye analytics ndiwo mapoinzi akakosha mukurwisa zvinogoneka kutyisidzira pane network.
Automation uye kutonga: inobatsira kuchengetedza masisitimu ako ese achimhanya pasi peZero Trust modhi uye anotarisisa kutevedzera Zero Trust marongero. Vanhu havangokwanisi kuchengeta huwandu hwezviitiko zvinodikanwa kune "zero trust" musimboti.
3 nheyo dzeZero Trust modhi
Inoda yakachengeteka uye yakasimbiswa kuwana kune zvese zviwanikwa
Yekutanga musimboti weiyo Zero Trust pfungwa ndeye kodzero dzese dzekuwana kune zvese zviwanikwa. Pese apo mushandisi anowana faira resource, application, kana chengetedzo yegore, zvinofanirwa kutendesa zvakare uye kubvumidza mushandisi kune icho sosi.
Unofanira kufunga zvese kuyedza kuwana network yako sekutyisidzira kusvika zvaratidzwa neimwe nzira, zvisinei nemuenzaniso wako wekutambira kana kuti kubatana kunobva kupi.
Shandisa shoma ropafadzo modhi uye kudzora kuwana
ndiyo paradigm yekuchengetedza iyo inomisa kodzero dzekuwana dzemushandisi wega wega kusvika padanho rinodikanwa kuti aite mabasa ake ebasa. Nekudzikamisa kuwana kune mumwe nemumwe mushandi, iwe unodzivirira anorwisa kuti awane mukana kune yakakura yedata nekukanganisa account imwe.
Shandisa kuwana rombo rakanaka uye kupa simba varidzi vebhizinesi kutonga mvumo kune yavo inodzorwa data. Ita ongororo yekodzero uye nhengo yeboka nguva nenguva.
Tarisa zvese
Misimboti ye "zero trust" inoreva kutonga nekusimbisa zvese. Kutema nhare dzese dzetiweki, kuwana faira, kana email meseji kuti uongorore kuita kwakashata hachisi chinhu chingaitwe nemunhu mumwechete kana timu. Saka shandisa pamusoro pematanda akaunganidzwa kuti aone zviri nyore kutyisidzira panetiweki yako, senge , malware kana chakavanzika data exfiltration.
Kuitwa kwe "zero trust" modhi
Ngatisarudze akati wandei main kurudziro paunenge uchishandisa "zero trust" modhi:
- Gadziridza chinhu chimwe nechimwe chehurongwa hwako hwekuchengetedza ruzivo kuti uenderane neZero Trust nheyo: Wongorora zvese zvikamu zvehurongwa hwako hwazvino uchipesana neZero Trust misimboti yakatsanangurwa pamusoro uye gadzirisa pazvinenge zvichidikanwa.
- Ongorora yako yazvino tekinoroji stack uye uone kana ichida kuvandudzwa kana kutsiva kuti uwane Zero Trust: Tarisa nevagadziri vematekinoroji aunoshandisa kuona kuti vanotevedzera zero trust musimboti. Bata vatengesi vatsva kuti vaone dzimwe mhinduro dzinogona kudiwa kuita zano reZero Trust.
- Tevedzera nzira uye nemaune maitiro paunenge uchishandisa Zero Trust: Zvimisire zvinangwa zvinoyerwa uye zvinangwa zvinogoneka. Ita shuwa kuti vatsva vanopa mhinduro vanowiriranawo nehurongwa hwakasarudzwa.
Zero Trust Model: Vimba Vashandisi Vako
Iyo "zero trust" modhi ishoma yezvisizvo, asi "usavimbe chero chinhu, simbisa zvese," kune rimwe divi, hazvinzwika zvakanaka. Iwe unofanirwa chaizvo kuvimba nevashandisi vako, kana (uye iyi ihombe "kana") vapfuura mwero wakaringana wemvumo uye maturusi ako ekutarisa haana chaaona chiri kufungidzira.
Zero Trust Principle naVaronis
Paunenge uchiita iyo Zero Trust musimboti, Varonis inokutendera iwe kutora zero-kuvimba maitiro kuchengetedzwa kwedata:
- Varonis inoongorora kodzero dzekuwana uye chimiro cheforodha kuitira kubudirira , kuronga varidzi vedata rebhizinesi uye kutungamirirwa kwekodzero dzekuwana nevaridzi pachavo.
- Varonis inoongorora zvirimo uye inoona data yakakosha kuwedzera imwe nhanho yekuchengetedza uye yekutarisa kune yako yakanyanya kusimba ruzivo, pamwe nekutevedzera zvinodiwa nemutemo.
- Varonis anotarisisa uye anoongorora kuwana faira, chiitiko muActive Directory, VPN, DNS, Proxy uye tsamba nokuti maitiro emushandisi wese panetiweki yako.
inoenzanisa chiitiko chazvino nemuenzaniso wemaitiro akajairwa kuona chiitiko chekufungidzira uye inogadzira chiitiko chekuchengetedza ine kurudziro yematanho anotevera kune yega yega yekutyisidzira yaonekwa. - Varonis inopa chimiro chekutarisa, kurongedza, kutonga kwemvumo uye kuzivikanwa kwekutyisidzira, iyo inodiwa kuita zero trust musimboti munetiweki yako.
Sei iyo Zero Trust modhi?
Zero yekuvimba zano inopa yakakosha nhanho yedziviriro kubva mukudonha kwedata uye kutyisidzira kwazvino kwecyber. Vese vanorwisa vanofanirwa kupinda netiweki yako inguva uye kukurudzira. Hapana huwandu hwemafirewall kana password mitemo inovamisa. Izvo zvinodikanwa kuvaka zvipingamupinyi zvemukati uye kutarisa zvese zvinoitika kuti vaone zviito zvavo kana vabiwa.
Source: www.habr.com