Zero Trust
Zero Trust is an approach to cyber security that operates on the premise that an organization should never trust any outside user, device, network, or application. The Zero Trust security framework was created by Forrester Research. It is based on segmenting network, user, and device access; user access must be authenticated and repeatedly monitored.
Privileged access is limited through Privileged Access Management (PAM), which issues temporary tokens rather than fixed passwords. Zero Trust employs user and entity behavior analytics (UEBA) to detect unusual activity by users that may indicate a threat. Zero Trust has six key tenets:
1. Identity verification - of people and machines. Each admin should have a unique account.
2. Contextualization of requests - a database admin should not have rights to all databases.
3. Secure admin environment - server access should not be permitted from workstations.
4. Grant least privilege - additional rights are granted as the need to perform certain tasks arises.
5. Adaptive control - stronger verification should be required if someone with the correct user name and password logs in from an unfamiliar location.
6. Audit everything - sessions should be monitored in real time. Documentation of user activity can track which users typically perform which actions and spot suspicious activity.
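The six tenets above can be read as one policy decision made on every request rather than six separate controls. The following Python sketch is an added example, not Forrester's framework or code from the page: a small policy engine that verifies a temporary token (tenet 1), scopes grants per resource and action (tenets 2 and 4), rejects sessions that do not originate from an approved admin host (tenet 3), requires step-up verification from an unfamiliar location (tenet 5), and writes an audit record for every decision while flagging actions outside a user's usual pattern (tenet 6). All users, hosts, tokens, grants and locations are constructed sample data; the class and method names are assumptions made for this illustration.

```python
"""Illustrative Zero Trust request evaluation. Added example; all data constructed."""
from dataclasses import dataclass
import time


@dataclass
class Request:
    user: str            # unique, named admin account (tenet 1)
    resource: str        # e.g. "db/orders": rights are scoped per resource (tenet 2)
    action: str          # e.g. "read", "alter_schema"
    source_host: str     # machine the session originates from (tenet 3)
    location: str        # coarse network or geographic location (tenet 5)
    token: str           # temporary PAM token rather than a fixed password
    mfa_verified: bool = False   # set once step-up verification has succeeded


@dataclass
class Decision:
    allowed: bool
    reason: str
    step_up_required: bool = False   # caller should prompt for stronger verification
    anomalous: bool = False          # allowed, but outside the user's usual behaviour


class ZeroTrustPolicy:
    def __init__(self):
        # Constructed policy state for a single hypothetical admin "alice".
        self.active_tokens = {"tok-alice-1": ("alice", time.time() + 900)}  # token -> (owner, expiry)
        self.grants = {"alice": {"db/orders": {"read"}}}      # least privilege, per database (tenets 2, 4)
        self.admin_hosts = {"paw-01"}                         # approved admin environment (tenet 3)
        self.known_locations = {"alice": {"office-nyc"}}      # baseline for adaptive control (tenet 5)
        self.usual_actions = {"alice": {"read"}}              # UEBA-style behaviour baseline (tenet 6)
        self.audit_log = []                                   # every decision is recorded (tenet 6)

    def grant(self, user, resource, action):
        # Tenet 4: additional rights are added only when a task requires them.
        self.grants.setdefault(user, {}).setdefault(resource, set()).add(action)

    def evaluate(self, req: Request) -> Decision:
        decision = self._decide(req)
        # Tenet 6: audit everything, denials included.
        self.audit_log.append({
            "user": req.user, "resource": req.resource, "action": req.action,
            "host": req.source_host, "location": req.location,
            "allowed": decision.allowed, "reason": decision.reason,
            "anomalous": decision.anomalous,
        })
        return decision

    def _decide(self, req: Request) -> Decision:
        # Tenet 1: identity is verified through a valid, unexpired token bound to this account.
        owner, expiry = self.active_tokens.get(req.token, (None, 0.0))
        if owner != req.user or time.time() > expiry:
            return Decision(False, "identity not verified: invalid or expired token")
        # Tenet 3: server access only from a hardened admin host, never an ordinary workstation.
        if req.source_host not in self.admin_hosts:
            return Decision(False, f"{req.source_host} is not an approved admin environment")
        # Tenet 5: correct credentials from an unfamiliar location still require step-up verification.
        if req.location not in self.known_locations.get(req.user, set()) and not req.mfa_verified:
            return Decision(False, "step-up verification required from unfamiliar location",
                            step_up_required=True)
        # Tenets 2 and 4: the grant must cover this exact resource and action.
        if req.action not in self.grants.get(req.user, {}).get(req.resource, set()):
            return Decision(False, f"no grant for {req.action} on {req.resource}")
        # Tenet 6: an allowed action the user does not normally perform is flagged for review.
        anomalous = req.action not in self.usual_actions.get(req.user, set())
        return Decision(True, "allowed", anomalous=anomalous)


if __name__ == "__main__":
    policy = ZeroTrustPolicy()
    routine = Request("alice", "db/orders", "read", "paw-01", "office-nyc", "tok-alice-1")
    travelling = Request("alice", "db/orders", "read", "paw-01", "hotel-wifi", "tok-alice-1")
    print(policy.evaluate(routine))
    print(policy.evaluate(travelling))
    for entry in policy.audit_log:
        print(entry)
```

The order of the checks matters: identity and admin-environment failures are reported before the grant lookup, so a denial never reveals which grants a caller would have had, and the audit log still captures the attempt. In a real deployment the token store, grant table and location baseline would be backed by the identity provider, PAM system and UEBA tooling rather than in-memory dictionaries.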