Blog Posts Business Management

Why trust in Zero Trust is growing

Blog: NASSCOM Official Blog

Digital transformation across organizations has progressed at warp speed in the past year, whether it has been for enabling employees to work remotely or reimagining business operations in the evolving new normal. At the heart of this is digital security with relentless efforts to keep environments not just secure but also make them resilient and future-proof. Securing users, data and devices in context of work from anywhere has become absolutely critical.

The number of personal devices accessing corporate networks is spiking and subsequently, the corporate network perimeter has been redefined. Identity-based attacks have significantly increased using tactics like password spraying, phishing, and breach replays and it is the need of the hour for organizations to implement real-time, AI-based protections that prevent identity compromise. At the same time, security professionals are looking for effective ways to better manage alerts and proactively prevent attackers.

A Zero Trust security model where identities form the foundation of modern cybersecurity strategy is becoming inevitable. Slowly but surely, trust in Zero Trust is growing. When the pandemic hit last year, organizations that were already on their Zero Trust journey found it easier to transition to remote work and came out stronger in their ability to deflect sophisticated cyber-attacks.

So what exactly is the Zero Trust security model?

Zero Trust teaches us to “Never trust, Always verify.” The Zero Trust model assumes breach and verifies each request as though it originates from an open network, instead of assuming that everything behind the corporate firewall is safe. Every access request is fully authenticated, authorized, and encrypted before granting access.

Zero Trust is based on three simple principles:

Having a strong identity is the critical first step to the success of a Zero Trust security approach. Identities—whether they represent people, services, or IoT devices—define the control plane in which access decisions are made.

The Zero Trust mindset is the foundation for organizational resilience, the cornerstone of effective protection, and the future of security. Security, compliance, identity, and management are not standalone elements in an organization’s digital armor but are interdependent. For instance, a highly successful Zero Trust Security Model runs on the foundation of Extended Detection & Response (XDR) defined as an integrated suite of security products spanning hybrid IT architectures, designed to interoperate and coordinate enterprise-wide threat prevention, detection, and response. XDR unifies control points, security telemetry, analytics, and operations into one enterprise system and accelerates the adoption of Zero Trust security model. Using a multi-vendor approach with zero trust security creates complexity, which can lead to data silos and delayed detection times. Such a siloed approach can be an opportunity for the adversary to slip in through the cracks.

Many organizations are now realizing the urgent need of integrated and contextual security to reshape their security posture for tomorrow. Today, all organizations, irrespective of scale, vertical or complexity, need a security model that protects people, devices, apps, and data wherever they are, empowers a remote or hybrid workforce and continually adapts to evolving business needs. And organizations will have to design their modern security strategies to deliver simplicity in the face of complexity.

The fundamental aim of all security efforts is to make the world a safer place for all. In the end, security is about people – the need to protect people, the desire to bring people together, and the collective efforts to strengthen our defense.

By Irina Ghose, Executive Director – Cloud Solutions, Microsoft India

This blog was first published on Microsoft Stories India.

The post Why trust in Zero Trust is growing appeared first on NASSCOM Community |The Official Community of Indian IT Industry.

Leave a Comment

Get the BPI Web Feed

Using the HTML code below, you can display this Business Process Incubator page content with the current filter and sorting inside your web site for FREE.

Copy/Paste this code in your website html code:

<iframe src="" frameborder="0" scrolling="auto" width="100%" height="700">

Customizing your BPI Web Feed

You can click on the Get the BPI Web Feed link on any of our page to create the best possible feed for your site. Here are a few tips to customize your BPI Web Feed.

Customizing the Content Filter
On any page, you can add filter criteria using the MORE FILTERS interface:

Customizing the Content Filter

Customizing the Content Sorting
Clicking on the sorting options will also change the way your BPI Web Feed will be ordered on your site:

Get the BPI Web Feed

Some integration examples