{"id":59239,"date":"2022-02-15T09:30:00","date_gmt":"2022-02-15T14:30:00","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=59239"},"modified":"2023-01-26T17:11:12","modified_gmt":"2023-01-26T22:11:12","slug":"zero-trust-where-and-how-to-start","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/zero-trust-where-and-how-to-start","title":{"rendered":"Zero Trust: Where and How to Get Started"},"content":{"rendered":"\n

Zero Trust is becoming the industry-standard security framework. However, the term\u2019s overuse in the industry to describe latest-and-greatest products has produced confusion and doubt<\/a> around its definition and validity.<\/p>\n\n\n\n

To clarify, Zero Trust<\/a> is not<\/em> a product or solution, but an approach to security. Solutions may help you establish a Zero Trust security approach, but there is no \u201csilver bullet\u201d to implementing Zero Trust all at once.<\/p>\n\n\n\n

Simplifying Zero Trust<\/h2>\n\n\n\n

This can make Zero Trust seem daunting. Fortunately, there are ways to simplify and kick-start your Zero Trust journey. In this article, we\u2019ll discuss the process of developing a full Zero Trust roadmap, identify high-impact implementations that may help you get your Zero Trust endeavor off the ground, and outline methods for determining where to begin.<\/p>\n\n\n\n

This guidance is designed to help IT professionals at small and medium enterprises (SMEs) make Zero Trust progress, no matter their starting point.<\/p>\n\n\n\n

The Zero Trust Roadmap<\/h2>\n\n\n\n
\"Outstretched<\/figure>\n\n\n\n

Achieving Zero Trust security is usually a 2\u20133 year endeavor, and it can take even more time to reach full Zero Trust maturity. The only way to successfully complete this journey is to break it up into smaller, achievable milestones and accept your incomplete Zero Trust state along the way. <\/p>\n\n\n\n

To help companies do this, Forrester released a Practical Guide to a Zero Trust Implementation<\/a>. This guide outlines a method for setting goals and milestones to draw up a Zero Trust roadmap. The roadmap is typically segmented into five categories, which Forrester recommends addressing in roughly the following order: <\/p>\n\n\n\n

    \n
  1. Identity<\/li>\n\n\n\n
  2. Workloads<\/li>\n\n\n\n
  3. Devices<\/li>\n\n\n\n
  4. Networks<\/li>\n\n\n\n
  5. Data<\/li>\n<\/ol>\n\n\n\n

    Developing the roadmap can be a significant undertaking: it involves assessing your current security posture, understanding business goals, and determining time tables and steps for each phase of the journey. <\/p>\n\n\n\n

    While developing a Zero Trust roadmap is the ideal way to start your journey, time constraints, pressure from leadership, security vulnerabilities, and other factors often create the need to shore up an organization\u2019s security environment more quickly. <\/p>\n\n\n\n

    For those looking for a more immediate way to make progress toward establishing a Zero Trust security approach, the rest of this article will offer guidance on kick-starting Zero Trust and determining where to begin. <\/p>\n\n\n\n

    In the next section, we\u2019ll give a rundown of critical and impactful Zero Trust implementations. Then, we\u2019ll offer guidance on deciding where to start among that list based on your organization\u2019s current state and needs. Note that we still recommend working on a formal roadmap in the background while taking these more immediate actions. <\/p>\n\n\n\n

    Impactful Zero Trust Implementations<\/h2>\n\n\n\n

    It helps to understand some of the common elements of Zero Trust that your company could work toward. Then, based on your environment and priorities, you can more easily identify quick wins that you can implement alongside your formal Zero Trust roadmap planning.<\/p>\n\n\n\n

    The following implementations are critical to upholding Zero Trust security. Establishing or expanding on any of these, therefore, will make significant, direct impacts on your Zero Trust progress. Consult this list and linked resources when exploring various angles for kick-starting Zero Trust in the next section.<\/p>\n\n\n\n

    Identity<\/h3>\n\n\n\n