ProHoster > Ibhulogi > Ulawulo > Yintoni iZero Trust? Imodeli yokhuseleko

Yintoni iZero Trust? Imodeli yokhuseleko

Yintoni iZero Trust? Imodeli yokhuseleko

I-Zero Trust ngumzekelo wokhuseleko ophuhliswe ngumhlalutyi wangaphambili we-Forrester. UJohn Kindervag ngonyaka ka-2010. Ukusukela ngoko, imodeli yezero yokuthembela iye yaba yeyona nto idumileyo kukhuseleko lwe-cyber. Ukophulwa kwedatha okukhulu kwamva nje kuqaqambisa imfuno yokuba iinkampani zithathele ingqalelo ngakumbi kukhuseleko lwe-cyber, kwaye imodeli yeZero Trust inokuba yeyona ndlela ilungileyo.

I-Zero Trust ibhekisa ekungathembeni ngokupheleleyo kuye nabani na - nkqu nabasebenzisi abangaphakathi kwi-perimeter. Imodeli ithetha ukuba umsebenzisi ngamnye okanye isixhobo kufuneka siqinisekise iinkcukacha zabo ngalo lonke ixesha becela ukufikelela kuso nasiphi na isixhobo ngaphakathi okanye ngaphandle kwenethiwekhi.

Funda ukuba ufuna ukufunda ngakumbi malunga nembono yokhuseleko yeZero Trust.

Indlela iZero Trust concept esebenza ngayo

Yintoni iZero Trust? Imodeli yokhuseleko

Ingqikelelo yeZero Trust iye yaguquka yaba yindlela epheleleyo yokhuseleko lwe-intanethi equka ubuchwephesha kunye neenkqubo ezininzi. Injongo yemodeli yeZero Trust kukukhusela inkampani kwiisoyikiso ze-cybersecurity zanamhlanje kunye nokwaphulwa kwedatha, ngelixa ikwafezekisa ukuthotyelwa kokhuseleko lwedatha kunye nemithetho yokhuseleko.

Makhe sihlalutye iindawo eziphambili zengqikelelo yeZero Trust. I-Forrester icebisa ukuba imibutho ithathele ingqalelo inqaku ngalinye ukwakha esona sicwangciso silungileyo sezero.

Zero Trust Data: Idatha yakho yinto abahlaseli abazama ukuyiba. Ngoko ke kusengqiqweni ngokupheleleyo ukuba intsika yokuqala yengqikelelo yeZero Trust ukhuseleko lwedatha kuqala, hayi okokugqibela. Oku kuthetha ukukwazi ukuhlalutya, ukukhusela, ukuhlela, ukubeka iliso kunye nokugcina ukhuseleko lwedatha yeshishini lakho.

Zero Trust Networks: Ukuba ulwazi, abahlaseli kufuneka bakwazi ukuhamba ngaphakathi kwenethiwekhi, ngoko umsebenzi wakho kukwenza le nkqubo ibe nzima kangangoko kunokwenzeka. Yahlula, yahlula kwaye ulawule uthungelwano lwakho ngetekhnoloji ephucukileyo efana nesizukulwana esilandelayo somlilo oyilelwe le njongo.

Zero Trust Abasebenzisi: Abantu balelona khonkco libuthathaka kwisicwangciso sokhuseleko. Nciphisa, ubeke iliso kwaye unyanzelise ngokungqongqo imigaqo yokufikelela kubasebenzisi kwimithombo yothungelwano kunye ne-Intanethi. Cwangcisa ii-VPNs, ii-CASB (ii-brokers zokhuseleko zokufikelela kwilifu), kunye nolunye ukhetho lokufikelela ukukhusela abasebenzi bakho.

Zero Trust Umthwalo: Igama elithi umthwalo womsebenzi lisetyenziswa lugcino lweziseko ezingundoqo kunye namaqela okusebenza ukubhekisa kuso sonke isitakhi sesicelo kunye nesoftware yasemva esetyenziswa ngabathengi bakho ukunxibelelana neshishini. Kwaye izicelo zabaxumi ezingabhalwanga zizinto eziqhelekileyo zohlaselo ezifuna ukukhuselwa. Qwalasela yonke itekhnoloji yesitaki-ukusuka kwi-hypervisor ukuya kwi-web frontend-njengesoyikiso se-vector kwaye uyikhusele ngezixhobo zokuthembela zero.

Zero Trust izixhobo: Ngenxa yokunyuka kwe-Intanethi yeZinto (ii-smartphones, iiTV ezihlakaniphile, abenzi bekofu abahlakaniphile, njl.njl.), inani lezixhobo ezihlala ngaphakathi kuthungelwano lwakho liye landa kakhulu kule minyaka imbalwa idlulileyo. Ezi zixhobo zikwayi-vector yokuhlasela enokwenzeka, ngoko ke kufuneka zahlulwe kwaye zibekwe esweni njengayo nayiphi na enye ikhompyuter kwinethiwekhi.

Umbono kunye nohlalutyo: Ukuphumeza ngempumelelo i-zero trust, nika ukhuseleko lwakho kunye neqela lokuphendula ngesehlo ngezixhobo zokujonga yonke into eyenzekayo kwinethiwekhi yakho, kunye nohlalutyo ukwenza intsingiselo yoko kwenzekayo. Ukukhuselwa kwizoyikiso eziphezulu kunye nohlalutyo ukuziphatha komsebenzisi ngamanqaku aphambili ekulweni ngempumelelo naziphi na izoyikiso ezinokubakho kuthungelwano.

Ukuzenzekela kunye nolawulo: Ukuzenzekelayo Inceda ukugcina zonke iinkqubo zakho zisebenza phantsi kwemodeli yeZero Trust kwaye ijonge ukuthotyelwa kwemigaqo-nkqubo yeZero Trust. Abantu abakwazi nje ukugcina umkhondo womthamo weziganeko ezifunekayo kumgaqo othi "zero trust".

Imigaqo emi-3 yemodeli yeZero Trust

Yintoni iZero Trust? Imodeli yokhuseleko

Funa ufikelelo olukhuselekileyo noluqinisekisiweyo kuzo zonke izixhobo

Umgaqo wokuqala osisiseko wengqikelelo yeZero Trust ngu uqinisekiso kunye nokuqinisekisa onke amalungelo okufikelela kuzo zonke izibonelelo. Ngalo lonke ixesha umsebenzisi efikelela kwisixhobo sefayile, isicelo, okanye ukugcinwa kwelifu, kuyimfuneko ukuphinda uqinisekise kwaye ugunyazise loo msebenzisi kweso sixhobo.
Kufuneka ucinge yonke uzama ukufikelela kuthungelwano lwakho njengesoyikiso de kungqinwe ngenye indlela, nokuba yeyiphi imodeli yakho yokubamba okanye uqhagamshelo luvela phi.

Sebenzisa imodeli yelungelo elincinci kunye nolawulo lofikelelo

IModeli yeLungelo elincinane yiparadigm yokhuseleko ethintela amalungelo okufikelela kumsebenzisi ngamnye kwinqanaba eliyimfuneko ukuba enze uxanduva lwakhe lomsebenzi. Ngokunciphisa ukufikelela kumqeshwa ngamnye, uthintela umhlaseli ekufumaneni ukufikelela kwinani elikhulu ledatha ngokubeka engozini i-akhawunti enye.
Sebenzisa Ulawulo loFikelelo oluSekwe kwindimaukufumana ilungelo elincinci kunye nokuxhobisa abanini bamashishini ukulawula iimvume kwiidatha zabo ezilawulwayo. Ukuqhuba ukuqinisekiswa kwamalungelo kunye nobulungu beqela rhoqo.

Landela yonke into

Imigaqo ye "zero trust" ithetha ulawulo kunye nokuqinisekiswa kwayo yonke into. Ukuloga yonke inethiwekhi yomnxeba, ukufikelela kwifayile, okanye umyalezo we-imeyile ukuhlalutya umsebenzi onobungozi asiyonto umntu omnye okanye iqela elinokuyenza. Ngoko sebenzisa uhlalutyo lokhuseleko lwedatha phezu kweenkuni eziqokelelweyo zokubona ngokulula izoyikiso kuthungelwano lwakho, njenge brute force attack, i-malware okanye ukukhutshwa kwedatha eyimfihlo.

Ukuphunyezwa kwemodeli ye "zero trust".

Yintoni iZero Trust? Imodeli yokhuseleko

Masichonge ezininzi iingcebiso eziphambili xa usebenzisa imodeli ethi "zero trust":

  1. Hlaziya yonke into yesicwangciso sakho sokhuseleko lolwazi ukuze ihambelane nemigaqo yeZero Trust: Hlaziya zonke iinxalenye zesicwangciso sakho sangoku ngokuchasene nemigaqo yeZero Trust echazwe ngasentla kwaye uyilungelelanise njengoko kuyimfuneko.
  2. Hlalutya itekhnoloji yakho yangoku kwaye ubone ukuba ifuna uhlaziyo okanye ukutshintshwa ukuze ufezekise iZero Trust: Jongana nabavelisi betekhnoloji oyisebenzisayo ukuqinisekisa ukuba bayayithobela imigaqo yentembeko. Qhagamshelana nabathengisi abatsha ukuchonga izisombululo ezongezelelweyo ezinokufuneka ukuphumeza isicwangciso seZero Trust.
  3. Landela indlela ecwangcisiweyo neyilwe ngabom xa usebenzisa iZero Trust: Zibekele usukelo olunokulinganiswa kunye neenjongo ezinokufikelelwa. Qinisekisa ukuba ababoneleli bezisombululo abatsha nabo bahambelana nesicwangciso esikhethiweyo.

Zero Trust Model: Thembela kubasebenzisi bakho

Imodeli ethi "zero trust" yinto encinci yegama elingalunganga, kodwa "ungathembi nto, qinisekisa yonke into," ngakolunye uhlangothi, ayivakali kakuhle. Kufuneka ngokwenene ukubathemba abasebenzisi bakho, ukuba (kwaye oku kukhulu ngokwenene "ukuba") baphumelele inqanaba elaneleyo logunyaziso kwaye izixhobo zakho zokubeka iliso azikhange zibhaqe nantoni na ekrokrisayo.

Zero Trust Principle kunye Varonis

Xa uphunyezwa umgaqo weZero Trust, iVaronis ikuvumela ukuba uthathe indlela ye-zero-trust ukhuseleko lwedatha:

  • UVaronis iskena amalungelo okufikelela kunye nesakhiwo sefolda kwimpumelelo iimodeli zamalungelo amancinci, ukutyumba abanini bedatha yeshishini kunye uhlengahlengiso lwenkqubo ulawulo lwamalungelo ofikelelo ngabanini ngokwabo.
  • UVaronis uhlalutya umxholo kwaye achonge idatha ebalulekileyo ukongeza umaleko owongezelelweyo wokhuseleko kunye nokubeka esweni kolona lwazi lwakho lubuthathaka, kunye nokuthobela iimfuno zomthetho.
  • UVaronis ibeka iliso kwaye ihlalutye ukufikelela kweefayile, umsebenzi kwi-Active Directory, i-VPN, i-DNS, i-Proxy kunye ne-imeyile kuba ukwenza iprofayile esisiseko ukuziphatha kwakhe wonke umsebenzisi kwinethiwekhi yakho.
    Uhlalutyo oluPhezulu uthelekisa umsebenzi wangoku kunye nomzekelo wokuziphatha okusemgangathweni ukuchonga imisebenzi ekrokrisayo kwaye uvelise isiganeko sokhuseleko kunye neengcebiso zamanyathelo alandelayo kwisongelo ngasinye esifunyenweyo.
  • Varonis inikeza isakhelo sokubeka iliso, ukuhlelwa, ulawulo lwemvume kunye nokuchongwa kwesoyiko, efunekayo ukuphumeza umgaqo onguziro wokuthembela kwinethiwekhi yakho.

Kutheni imodeli yeZero Trust?

Isicwangciso se-zero trust sibonelela ngenqanaba elibalulekileyo lokhuseleko ngokuchasene nokuvuza kwedatha kunye nezoyikiso ze-cyber zanamhlanje. Bonke abahlaseli kufuneka bangene kwinethiwekhi yakho lixesha kunye nenkuthazo. Akukho xabiso le-firewall okanye imigaqo-nkqubo eyimfihlo eya kubamisa. Kuyimfuneko ukwakha izithintelo zangaphakathi kunye nokubeka iliso kuyo yonke into eyenzekayo ukuchonga izenzo zabo xa igqekeziwe.

umthombo: www.habr.com

Yongeza izimvo