{"id":16272,"date":"2018-06-29T15:30:22","date_gmt":"2018-06-29T19:30:22","guid":{"rendered":"https:\/\/www.jumpcloud.com\/?page_id=16272"},"modified":"2022-03-08T13:23:33","modified_gmt":"2022-03-08T18:23:33","slug":"zero-trust-security","status":"publish","type":"resource","link":"https:\/\/jumpcloud.com\/resources\/zero-trust-security","title":{"rendered":"What is Zero Trust Security?"},"content":{"rendered":"\n

Zero trust security is a concept developed by John Kindervag and Forrester Research Inc. in 2009.<\/strong> (Forrester)<\/a><\/p>\n\n\n\n

\"Finding<\/figure><\/div>\n\n\n\n

Also called zero trust network architecture<\/a>, the idea of zero trust security is really a diametrically opposing view to the conventional \u201cperimeter-based\u201d architecture of security over the last twenty to thirty years. With recent identity breaches, vendors and analysts are wondering whether a zero trust security model could work to prevent compromises.<\/p>\n\n\n\n

Early Network Security<\/strong><\/h2>\n\n\n\n
\"\"<\/figure><\/div>\n\n\n\n

Kindervag describes traditional network security models as being akin to \u201c\u2018. . . an M&M, with a hard crunchy outside and a soft chewy center\u2019\u201d (Forrester<\/a>). IT organizations would create a perimeter \u201cfortress\u201d around their network and then create layers of security so that hackers would struggle to get through them. <\/p>\n\n\n\n

The core of the network would have the most critical assets\u2014data, applications, and identities\u2014and, in theory, the defense in-depth approach made it difficult to get to them from a hacker\u2019s perspective. This approach to security involves implicitly placing trust in not only the perimeter layers, but also users who operate inside of the core of the network.<\/p>\n\n\n\n

The Advent of Zero Trust Security<\/strong><\/h2>\n\n\n\n
\"\"<\/figure>\n\n\n\n

In the modern era, however, bad actors are everywhere, and the traditional method of security leaves something to be desired, as more and more hackers have started attacking networks from both inside<\/em> and out. <\/p>\n\n\n\n

The chart above from a NIST report on Forrester\u2019s development of the zero trust security model shows the most common sources of security breaches from 2011-12. Almost 50% of these attacks originated from inside an organization, while only 25% of those were headed by external sources. In other words, in today\u2019s world, more security threats come from inside an organization.<\/p>\n\n\n\n

So, does the traditional, perimeter-based security model still work?<\/strong><\/em><\/p>\n\n\n\n

If a network is an M&M, it\u2019s clear that the \u201chard outer shell\u201d isn\u2019t doing it\u2019s job to protect the \u201cchewy center.\u201d But the zero trust security model doesn\u2019t rely on a hard outer shell. <\/p>\n\n\n\n

The mindset behind zero trust security is to regard all sources of network traffic, both external and internal, as potential attack vectors. Therefore, all users and resources must be verified and authenticated, system data must be collected and analyzed<\/a>, and network access and traffic must be limited and monitored<\/a>.<\/p>\n\n\n\n

While it may seem a bit paranoid, zero trust security is rooted in the realities of the cloud computing age. Instead of an M&M, the perimeter-less approach to networks more closely resembles a hard candy: equally resilient from perimeter to core.<\/p>\n\n\n\n

Modern Information Security<\/strong><\/h2>\n\n\n\n
\"Cloud<\/figure><\/div>\n\n\n\n

Today, data and applications are stored directly on the internet with SaaS providers and cloud infrastructure. Users are located around the world and need to be able to access their IT resources. Meanwhile, on-prem networks are looking more like internet cafes with WiFi than the fortresses of the past. Hackers no longer need to step through layers of security measures; rather, they can choose specific types of IT resources to target.<\/p>\n\n\n\n

The result is that IT organizations are considering different ways to approach how they protect their environments, especially regarding authenticating user identities. It was recently reported that over 81% of all breaches are caused by identity compromises (CSO<\/a>). <\/p>\n\n\n\n

So, if ever there were something to distrust, it would be identities. But we can\u2019t just eliminate identities. We all need our credentials to access whatever IT resources are necessary. So, how does a zero trust security model work with the fact that identities are most often the conduit to a breach?<\/p>\n\n\n\n

Zero Trust Security in Identity Management<\/strong><\/h2>\n\n\n\n
\"\"<\/figure><\/div>\n\n\n\n

IT security experts have been developing a set of identity security practices<\/a> that can solve this problem. The simplest, yet most powerful, way to confirm identity is to leverage a multi-factor authentication <\/a>(MFA) approach. Requiring a second factor for machines, as well as applications, eliminates a massive level of risk by ensuring that leaked credentials alone won\u2019t be enough to ensure access.<\/p>\n\n\n\n

When you fortify MFA capabilities with strong passwords<\/a>, SSH keys<\/a>, and strong internet hygiene (i.e. ensuring that you are safe on the web with SSLs\/https and only going to credible sites), you can further reduce the chances of a breach. By requiring significant step ups in authentication, as well as a keen policy of internet vigilance, IT organizations can adopt a zero trust security model and apply it to identity management.<\/p>\n\n\n\n

Cloud IAM Solution for Zero Trust Security<\/strong><\/h2>\n\n\n\n
\"Learn<\/figure><\/div>\n\n\n\n

To learn more about leveraging a zero trust security mindset in your identity management solution,\u00a0contact us<\/a>.\u00a0If you are interested in an all-in-one, cloud-based zero trust solution,\u00a0try JumpCloud\u00ae<\/sup>\u00a0Directory-as-a-Service\u00ae<\/sup><\/a>. <\/p>\n\n\n\n

With JumpCloud, you can implement MFA, password restrictions, centralized user management, access controls and more, as well as a platform-agnostic directory service. Schedule a demo<\/a> of JumpCloud, and see what it has to offer.<\/p>\n\n\n\n

\nDemo JumpCloud<\/a>\n\n\n\n

<\/p>\n<\/div>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Zero trust security is a term that\u2019s being thrown around a lot in the world of identity management today.\u00a0But, what is zero trust security? Let’s find out.<\/p>\n","protected":false},"author":70,"featured_media":16273,"template":"","categories":[2337],"collection":[2775],"wheel_hubs":[],"platform":[],"resource_type":[2310],"funnel_stage":[],"coauthors":[2515],"acf":[],"yoast_head":"\nWhat is Zero Trust Security? - JumpCloud<\/title>\n<meta name=\"description\" content=\"Zero Trust Security treats all traffic on your network as a potential threat and uses various tools (like MFA) to verify every user and device.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/resources\/zero-trust-security\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is Zero Trust Security?\" \/>\n<meta property=\"og:description\" content=\"Zero Trust Security treats all traffic on your network as a potential threat and uses various tools (like MFA) to verify every user and device.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/resources\/zero-trust-security\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-08T18:23:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"4323\" \/>\n\t<meta property=\"og:image:height\" content=\"1700\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"Zach DeMeyer\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/resources\/zero-trust-security\",\"url\":\"https:\/\/jumpcloud.com\/resources\/zero-trust-security\",\"name\":\"What is Zero Trust Security? - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/resources\/zero-trust-security#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/resources\/zero-trust-security#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg\",\"datePublished\":\"2018-06-29T19:30:22+00:00\",\"dateModified\":\"2022-03-08T18:23:33+00:00\",\"description\":\"Zero Trust Security treats all traffic on your network as a potential threat and uses various tools (like MFA) to verify every user and device.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/resources\/zero-trust-security#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/resources\/zero-trust-security\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/resources\/zero-trust-security#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg\",\"width\":4323,\"height\":1700,\"caption\":\"What is Zero Trust Security?\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/resources\/zero-trust-security#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Resources\",\"item\":\"https:\/\/jumpcloud.com\/resources\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"What is Zero Trust Security?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What is Zero Trust Security? - JumpCloud","description":"Zero Trust Security treats all traffic on your network as a potential threat and uses various tools (like MFA) to verify every user and device.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/resources\/zero-trust-security","og_locale":"en_US","og_type":"article","og_title":"What is Zero Trust Security?","og_description":"Zero Trust Security treats all traffic on your network as a potential threat and uses various tools (like MFA) to verify every user and device.","og_url":"https:\/\/jumpcloud.com\/resources\/zero-trust-security","og_site_name":"JumpCloud","article_modified_time":"2022-03-08T18:23:33+00:00","og_image":[{"width":4323,"height":1700,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"5 minutes","Written by":"Zach DeMeyer"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/resources\/zero-trust-security","url":"https:\/\/jumpcloud.com\/resources\/zero-trust-security","name":"What is Zero Trust Security? - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/resources\/zero-trust-security#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/resources\/zero-trust-security#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg","datePublished":"2018-06-29T19:30:22+00:00","dateModified":"2022-03-08T18:23:33+00:00","description":"Zero Trust Security treats all traffic on your network as a potential threat and uses various tools (like MFA) to verify every user and device.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/resources\/zero-trust-security#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/resources\/zero-trust-security"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/resources\/zero-trust-security#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/06\/compressed_wood_door.jpg","width":4323,"height":1700,"caption":"What is Zero Trust Security?"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/resources\/zero-trust-security#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Resources","item":"https:\/\/jumpcloud.com\/resources"},{"@type":"ListItem","position":3,"name":"What is Zero Trust Security?"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/resource\/16272"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/resource"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/resource"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/70"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/16273"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=16272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=16272"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=16272"},{"taxonomy":"wheel_hubs","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/wheel_hubs?post=16272"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=16272"},{"taxonomy":"resource_type","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/resource_type?post=16272"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=16272"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=16272"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}