National Security Agency unveils zero-trust security model guidance: 5 guidelines

The National Security Agency has released guidance on the zero-trust security model with recommendations to implement zero trust within networks. The zero-trust security model is a coordinated system strategy that assumes breaches are inevitable or have already occurred.

Five guidelines for implementing the zero-trust model:

  1. The zero-trust system relies on network users to never trust any user, device or application and to always verify authenticity.

  2. Users should assume that the adversary already has a presence in the network.

  3. Apply security policies across all domains (mobile, LAN, WAN, etc.).

  4. Embrace multi-factor authentication for users to make stealing credentials more difficult.

  5. Incorporate zero-trust architecture incrementally in a strategic plan to avoid increased vulnerabilities during the transition.

 

To see the full list of guidelines, click here.

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars