“Zero Trust needs to be applied to everything, every person, every device, every code that you write, or that you buy, and you need to put the right protections above it, behind it, in between it, to monitor behavior, to make sure that it's doing what it says it's supposed to do.”
Rackspace Technology Chief Technology Evangelist and podcast host Jeff DeVerter summed up the all-encompassing Zero Trust approach that organizations need to be taking. In the latest Cloud Talk podcast episode, Jeff is joined by Gary Alterson, Rackspace Technology Vice President of Security Services as they explore what Zero Trust security is.
The old ways are no longer enough to keep environments secure. Alterson describes how, for example, passwords are failing to provide protection. “Now due to the ability to phish, or even just go harvesting on the dark web, passwords have lost a lot of meaning as a modicum for identifying whether or not somebody is who they say they are and whether they are trustworthy.”
So, where do you begin with a Zero Trust approach? Alterson explains, “It's a framework or philosophical approach to how you build systems, applications and solutions. And the idea is that you validate the trustworthiness of the components, whether that's an individual or a piece of software.”
One of the ways to bolster security does indeed involve solutions. “There are solutions in the remote access, authentication and identity space that support a Zero Trust approach. The same thing is true in internal networking. And all these pieces come together for a solution that helps implement the Zero Trust framework,” says Alterson.
They also discuss additional ways to protect your organization, including:
Incorporating an identity story to validate patterns of authentication
Using microsegmentation to apply constraints between devices
Validating and scanning code before placing it in workloads
Training developers to write secure code
Implementing DevSecOps to ensure code is built securely in the DevOps environment
When it comes to the cloud hyperscalers, they all have the tooling to support security — but it’s not the same as a Zero Trust approach. But Alterson predicts, “Check back in a couple of quarters from now and there will be a solution. And there are third-party technology solutions and things you can build yourself as well.”
Listen & Follow
Join the Conversation: Find Solve on Twitter and LinkedIn, or follow along via RSS.
Stay on top of what's next in technology
Learn about tech trends, innovations and how technologists are working today.
The Solve team is made up of a curator team, an editorial team and various technology experts as contributors.
The curator team:
Srini Koushik, CTO, Rackspace Technology
Jeff DeVerter, Chief Technology Evangelist, Rackspace Technology
The editorial team:
Gracie LePere, Program Manager
Royce Stewart, Chief Designer
Simon Andolina, Design
Tim Mann, Design
Abi Watson, Design
Debbie Talley, Production Manager
Chris Barlow, Editor
Tim Hennessey Jr., Writer
Stuart Wade, Writer
Karen Taylor, Writer
Meagan Fleming, Social Media Specialist
Daniel Gibson, Project Manager
You are using an outdated browser and are receiving a degraded experience. Please switch to the latest version of Microsoft Edge, Mozilla Firefox, Safari or Google Chrome.
[Dismiss]
