Zero Trust Security Eases Compliance Jitters

Management angst about compliance standards grows in tandem with the adoption of new regulations, which means it is approaching exponential growth. Developing policies and technologies to support burgeoning compliance requirements is an endless chore. What to do, what to do….  According to an article in Security Boulevard, businesses are turning to the “zero trust framework.” A research company introduced the concept in 2010 in response to the realization that the “moat and castle” defensive strategy was not working. Ten years ago it was apparent that perimeter defenses were having a minimal effect on hackers who were determined to breach those defenses. More investment didn’t seem to be the answer. Zero trust assumes that no user, device or application outside or inside the network can be deemed safe, so each must be validated before being allowed access to network assets. The article reviews a five-step process to approaching compliance through the zero trust framework methodology.