Zero Trust is not just a network segmentation.
It is a holistic approach to protect all the Enterprise Assets including Data, Devices, User access as well as Applications.
It also provide granular visibility, automation and orchestration.
Let us look at how the IT landscape is looking today.
There is a huge amount of shift happening. The users device and applications are everywhere. There are more and more applications moving into the cloud nowadays.
Today majority of the users are working from home be it regular Employees, Contractors or 3rd Parties including suppliers.All of them if you look at it they use their personal devices to access the corporate devices. Majority of those devices are "unmanaged' today and there is a increased number of IoT devices are getting connected today.
Because of this evolving perimeter the traditional perimeter security no longer holds good.
This has posted great amount of business challenge due to increased attacked surface and the complexity that it brings in, also there is huge amount of gaps in visibility.
If you look at it we don’t have a greater visibility in to who is accessing these resources, from where are they accessing these resources and where these endpoints reside.
If we do not have visibility it is very very difficult to protect the corporate assets.
Because of the change in IT Landscape the threat vector is also changing day by day. If you look at it 50% of web applications are vulnerable today and there is increase amount of targeted attacks on devices specially on the IoT. We could also see multi-fold increase of IoT devices.
On the identity front 80% of breaches are happening through targeted identity attacks.
The average time to detect a breach is 206 days. 100% of data breaches lack of segmentation.
So how are we going to protect all the assets within an enterprise.
At Cisco we have classified these assets into 3 major categories.
Workplace - With more and more connected devices, the workspace has extended far beyond the four walls of you company building.
Workforce - Employees are at risk of identity theft, which is one of the most widespread types of fraud today.
Workload - New vulnerabilities in applications and their improper management open highways for cybercriminals.
The idea is get visibility into these assets and also ensuring secure communication as well as access to these resources.
Cisco's Zero Trust approach provides automated policy based controls in protecting these assets.
For Workplace we can look at Cisco SDAccess to secure all user and devices connections across your network that includes your IoT as well.
For the Workload the connections between the datacenter and as well as the workloads that are there on the cloud Cisco Tetration will come in very very handy.
For the Workforce side how to do we ensure that the right users are accessing the right application in a secure manner. Cisco DUO is the answer for securing the workforce.
Net net if you look at it Cisco’s Zero Trust approach extends the trust boundary to support currently distributed enterprise network.
It establishes the trust for every request coming in from all users no matter where ever it comes from.
It also secures your application as well as the network.