I-Zero Trust iyimodeli yezokuphepha eyakhiwe umhlaziyi wangaphambili we-Forrester. ngonyaka ka-2010. Kusukela lapho, imodeli ye-zero trust isiphenduke umqondo odume kakhulu ku-cybersecurity. Ukwephulwa kwedatha okukhulu kwakamuva kugqamisa kuphela isidingo sezinkampani zokunaka kakhulu ukuphepha kwe-inthanethi, futhi imodeli ye-Zero Trust ingase ibe indlela efanele.
I-Zero Trust isho ukungabi nathemba okuphelele kunoma ubani - ngisho nabasebenzisi abangaphakathi kwe-perimeter. Imodeli isho ukuthi umsebenzisi ngamunye noma idivayisi kufanele iqinisekise izifakazelo zabo njalo lapho becela ukufinyelela kunoma iyiphi insiza ngaphakathi noma ngaphandle kwenethiwekhi.
Qhubeka ufunda uma ufuna ukufunda kabanzi mayelana nomqondo wokuphepha we-Zero Trust.
Indlela i-Zero Trust concept esebenza ngayo
Umqondo we-Zero Trust uguquke waba indlela ephelele yokuphepha ku-inthanethi ehlanganisa ubuchwepheshe nezinqubo eziningi. Umgomo wemodeli ye-Zero Trust uwukuvikela inkampani ekusongelweni kwe-cybersecurity yesimanje kanye nokuphulwa kwedatha, kuyilapho futhi kufinyelelwa ukuhambisana nokuvikelwa kwedatha nemithethonqubo yokuphepha.
Ake sihlaziye izindawo ezibalulekile zomqondo weZero Trust. U-Forrester uncoma ukuthi izinhlangano zicabangele iphuzu ngalinye ukuze zakhe isu elingcono kakhulu le-zero trust.
I-Zero Trust Data: Idatha yakho yilokho abahlaseli abazama ukuyeba. Ngakho-ke kunengqondo ngokuphelele ukuthi insika yokuqala yomqondo we-Zero Trust . Lokhu kusho ukukwazi ukuhlaziya, ukuvikela, ukuhlukanisa, ukuqapha nokugcina ukuphepha kwedatha yebhizinisi lakho.
I-Zero Trust Networks: Ukuze untshontshe ulwazi, abahlaseli kufanele bakwazi ukuzulazula ngaphakathi kwenethiwekhi, ngakho umsebenzi wakho ukwenza le nqubo ibe nzima ngangokunokwenzeka. Hlukanisa, hlukanisa futhi ulawule amanethiwekhi akho ngobuchwepheshe obuthuthukisiwe obufana nezicishamlilo zesizukulwane esilandelayo ezidizayinelwe le njongo ngqo.
Abasebenzisi beZero Trust: Abantu bayisixhumanisi esibuthakathaka kuhlelo lokuvikela. Beka umkhawulo, uqaphe futhi usebenzise ngokuqinile izimiso zokufinyelela komsebenzisi ezinsizeni ngaphakathi kwenethiwekhi ne-inthanethi. Setha ama-VPN, ama-CASB (ama-broker okuphepha okufinyelela amafu), nezinye izinketho zokufinyelela ukuze uvikele abasebenzi bakho.
I-Zero Trust Load: Itemu elithi umthwalo wokusebenza lisetshenziswa amathimba okunakekela ingqalasizinda kanye nokusebenza ukuze kubhekiselwe kuso sonke isitaki sohlelo lokusebenza kanye nesofthiwe yangemuva esetshenziswa amakhasimende akho ukuze ahlanganyele nebhizinisi. Futhi izinhlelo zokusebenza zeklayenti ezingapeyishiwe ziyi-vector evamile yokuhlasela okudingeka ivikelwe kuyo. Cabangela sonke isitaki sobuchwepheshe—kusuka ku-hypervisor kuya ku-frontend yewebhu—njengevektha eyingozi futhi usivikele ngamathuluzi okuthembana angekho.
I-Zero Trust Amadivayisi: Ngenxa yokukhuphuka kwe-inthanethi Yezinto (ama-smartphone, ama-smart TV, abenzi bekhofi abahlakaniphile, njll.), inani lamadivayisi ahlala ngaphakathi kwamanethiwekhi akho likhule ngokumangalisayo kule minyaka embalwa edlule. Lawa madivayisi nawo angaba i-vector yokuhlasela, ngakho-ke kufanele ahlukaniswe futhi aqashwe njenganoma iyiphi enye ikhompyutha kunethiwekhi.
Ukubona ngeso lengqondo nokuhlaziya: Ukuze usebenzise ngempumelelo ukungabikho kokuthembana, hlinzeka ngamathimba akho okuvikeleka nezigameko ngamathuluzi okubona ngeso lengqondo yonke into eyenzekayo kunethiwekhi yakho, kanye nezibalo ukuze wenze umqondo walokho okwenzekayo. kanye nezibalo amaphuzu abalulekile ekulweni ngempumelelo nanoma yiziphi izinsongo ezingaba khona kunethiwekhi.
Ukuzenzakalela nokulawula: Isiza ukugcina wonke amasistimu akho esebenza ngaphansi kwemodeli ye-Zero Trust futhi iqaphe ukuthobela izinqubomgomo ze-Zero Trust. Abantu abakwazi nje ukulandelela umthamo wemicimbi edingekayo kumgomo othi "zero trust".
Izimiso ezi-3 zemodeli yeZero Trust
Idinga ukufinyelela okuphephile nokuqinisekisiwe kuzo zonke izinsiza
Umgomo wokuqala oyisisekelo womqondo we-Zero Trust uthi wonke amalungelo okufinyelela kuzo zonke izinsiza. Ngaso sonke isikhathi lapho umsebenzisi efinyelela insiza yefayela, uhlelo lokusebenza, noma isitoreji samafu, kuyadingeka ukuphinda uqinisekise futhi ugunyaze lowo msebenzisi kulowo mthombo.
Kufanele ucabangele konke uzama ukufinyelela inethiwekhi yakho njengosongo kuze kuqinisekiswe ngenye indlela, kungakhathaliseki imodeli yakho yokubamba noma lapho uxhumano luvela khona.
Sebenzisa imodeli enelungelo elincane futhi ulawule ukufinyelela
ipharadigm yokuvikela ekhawulela amalungelo okufinyelela omsebenzisi ngamunye ezingeni elidingekayo ukuze enze izibopho zakhe zomsebenzi. Ngokukhawulela ukufinyelela kumsebenzi ngamunye, uvimbela umhlaseli ukuthi afinyelele inombolo enkulu yedatha ngokufaka engozini i-akhawunti eyodwa.
Sebenzisa ukuzuza amalungelo amancane futhi unikeze abanikazi bamabhizinisi amandla okuphatha izimvume kudatha yabo elawulwayo. Yenza ukuqinisekiswa kwamalungelo kanye nobulungu beqembu njalo.
Landelela yonke into
Izimiso "zero trust" zisho ukulawula nokuqinisekisa yonke into. Ukungena kuzo zonke izingcingo zenethiwekhi, ukufinyelela kwefayela, noma umlayezo we-imeyili ukuze uhlaziyele umsebenzi onobungozi akuyona into engenziwa umuntu oyedwa noma iqembu. Ngakho sebenzisa phezu kwamalogi aqoqiwe ukuze uthole kalula izinsongo kunethiwekhi yakho, njenge , uhlelo olungayilungele ikhompuyutha noma ukukhishwa kwedatha okuyimfihlo.
Ukusetshenziswa kwemodeli "yezero trust".
Ake sikhethe ezimbalwa izincomo eziyinhloko lapho usebenzisa imodeli ethi "zero trust":
- Buyekeza yonke into yesu lakho lokuvikela ulwazi ukuze ihambisane nezimiso ze-Zero Trust: Buyekeza zonke izingxenye zesu lakho lamanje ngokumelene nezimiso Zero Trust ezichazwe ngenhla futhi uzilungise njengoba kudingeka.
- Hlaziya isitaki sakho sobuchwepheshe samanje futhi ubone ukuthi sidinga ukubuyekezwa noma ukushintshwa ukuze uzuze i-Zero Trust: Hlola nabakhiqizi bobuchwepheshe obusebenzisayo ukuze uqinisekise ukuthi bathobela izimiso zokwethembana. Xhumana nabathengisi abasha ukuze uthole izixazululo ezengeziwe ezingase zidingeke ukuze kusetshenziswe isu le-Zero Trust.
- Landela indlela ehlelekile nengamabomu lapho usebenzisa i-Zero Trust: Zibekele imigomo elinganisekayo nemigomo ongayifinyelela. Qinisekisa ukuthi abahlinzeki bezixazululo abasha nabo bahambisana nesu elikhethiwe.
I-Zero Trust Model: Thembela Abasebenzisi Bakho
Imodeli ethi "zero trust" iyigama elingelona iqiniso, kodwa "ungathembi lutho, qinisekisa konke," ngakolunye uhlangothi, akuzwakali kukuhle kangako. Udinga ukwethemba ngempela abasebenzisi bakho, uma (futhi lokhu “uma” kukhulu ngempela) sebephumelele izinga elanele lokugunyazwa futhi amathuluzi akho okuqapha awazange athole lutho olusolisayo.
I-Zero Trust Principle nge-Varonis
Lapho usebenzisa umgomo we-Zero Trust, i-Varonis ikuvumela ukuthi uthathe indlela yokungathembi lutho ukuphepha kwedatha:
- UVaronis iskena amalungelo okufinyelela kanye nesakhiwo sefolda ukuze kuzuzwe , ukuqoka abanikazi bedatha yebhizinisi kanye ukuphathwa kwamalungelo okufinyelela ngabanikazi ngokwabo.
- UVaronis ihlaziya okuqukethwe futhi ihlonze idatha ebalulekile ukwengeza isendlalelo esengeziwe sokuphepha nokuqapha kulwazi lwakho olubucayi kakhulu, kanye nokuthobelana nezimfuneko zomthetho.
- UVaronis iqapha futhi ihlaziye ukufinyelela kwefayela, umsebenzi ku-Active Directory, VPN, DNS, Ummeleli kanye nemeyili ngoba ukuziphatha kwawo wonke umsebenzisi kunethiwekhi yakho.
iqhathanisa umsebenzi wamanje nemodeli yokuziphatha okujwayelekile ukuhlonza imisebenzi esolisayo futhi ikhiqize isigameko sokuvikeleka esinezincomo zezinyathelo ezilandelayo zosongo ngalunye olutholiwe. - Varonis inikeza uhlaka lokuqapha, ukuhlukaniswa, ukuphathwa kwezimvume kanye nokuhlonza izinsongo, okudingekayo ukuze usebenzise umgomo othize kunethiwekhi yakho.
Kungani imodeli ye-Zero Trust?
Isu lezero lokuthembana lihlinzeka ngezinga elibalulekile lokuvikela ekuvuzeni kwedatha kanye nezinsongo zesimanje ze-cyber. Bonke abahlaseli badinga ukungena kunethiwekhi yakho yisikhathi kanye nogqozi. Alikho inani lama-firewall noma izinqubomgomo zephasiwedi ezizowamisa. Kuyadingeka ukwakha izithiyo zangaphakathi nokuqapha konke okwenzekayo ukuhlonza izenzo zabo lapho zigetshengwa.
Source: www.habr.com