Zero trust is a security model to help secure IT systems and environments. The core principle of this model is to never trust and always verify. It means never trusting devices by default, even those connected to a managed network or previously verified devices. Modern enterprise environments include networks consisting of numerous interconnected segments, services, and infrastructure, with connections to and from remote cloud environments, mobile devices, and Internet of Things (IoT) devices.

Moving workloads to the cloud has many benefits, and one that is often overlooked is the opportunity to modernize your network. In a traditional “perimeter-based” architecture, users and devices are authenticated and authorized on a device-by-device basis when connecting remotely via VPN.

Government agencies have been working diligently to comply with the 2021 Executive Order on Improving the Nation’s Cybersecurity. The Executive Order (EO) addresses cybersecurity issues by imposing a new series of federal-wide Zero Trust mandates. Agencies were required to submit their plan development and cloud migration path reporting by July and August of 2021, with more deadlines on the horizon.

VMware Tanzu Service Mesh delivers a federated Istio service that brings significant value for enterprise customers beyond the core open source project, improving application security, resiliency, and multi-cloud operations.

2021 marked the fifth consecutive year of record-breaking security attacks. Zero-Day attacks skyrocketed, with 66 exploits found to be in use, more than any other year on record and almost double 2020’s figure. Meanwhile, a staggering 66% of organizations have suffered at least one ransomware attack in the last year, with the average ransom payment soaring by 63% to $1.79 million (USD).

With remote and hybrid working now commonplace for organizations, many IT departments are weighing up the pros and cons of moving to a Zero Trust Network Access (ZTNA) model to replace traditional VPN, or other remote access approaches. While the benefits of moving to ZTNA are compelling: improving user experience, providing enhanced security, reducing management overhead, and increasing visibility and control, it can often be a challenge to select the best approach for your business.

There’s no question that centralized identity and access management (IAM) helps companies reduce risk and prevent attacks. But, as this week’s Okta attack shows, centralized IAM doesn’t eliminate all risks. Attackers with access to IAM data can use this information to easily access downstream systems or modify permissions to grant elevated access to malicious parties.