Podcast (39 minute listen)

Protecting your organization using a Zero Trust framework

It’s time to apply a Zero Trust approach to everything — including people, devices, code and solutions.

Rackspace Technology Staff - Solve / Rackspace Technology

“Zero Trust needs to be applied to everything, every person, every device, every code that you write, or that you buy, and you need to put the right protections above it, behind it, in between it, to monitor behavior, to make sure that it's doing what it says it's supposed to do.”

Rackspace Technology Chief Technology Evangelist and podcast host Jeff DeVerter summed up the all-encompassing Zero Trust approach that organizations need to be taking. In the latest Cloud Talk podcast episode, Jeff is joined by Gary Alterson, Rackspace Technology Vice President of Security Services as they explore what Zero Trust security is.

The old ways are no longer enough to keep environments secure. Alterson describes how, for example, passwords are failing to provide protection. “Now due to the ability to phish, or even just go harvesting on the dark web, passwords have lost a lot of meaning as a modicum for identifying whether or not somebody is who they say they are and whether they are trustworthy.”

So, where do you begin with a Zero Trust approach? Alterson explains, “It's a framework or philosophical approach to how you build systems, applications and solutions. And the idea is that you validate the trustworthiness of the components, whether that's an individual or a piece of software.”

One of the ways to bolster security does indeed involve solutions. “There are solutions in the remote access, authentication and identity space that support a Zero Trust approach. The same thing is true in internal networking. And all these pieces come together for a solution that helps implement the Zero Trust framework,” says Alterson.

They also discuss additional ways to protect your organization, including:

  • Incorporating an identity story to validate patterns of authentication
  • Using microsegmentation to apply constraints between devices
  • Validating and scanning code before placing it in workloads
  • Training developers to write secure code
  • Implementing DevSecOps to ensure code is built securely in the DevOps environment

When it comes to the cloud hyperscalers, they all have the tooling to support security — but it’s not the same as a Zero Trust approach. But Alterson predicts, “Check back in a couple of quarters from now and there will be a solution. And there are third-party technology solutions and things you can build yourself as well.”

Listen & Follow
Follow via Amazon Music Follow via Apple Podcasts Follow via Google Podcasts Follow via Spotify Follow via Stitcher Follow via TuneIn

Join the Conversation: Find Solve on Twitter and LinkedIn, or follow along via RSS.

Stay on top of what's next in technology

Learn about tech trends, innovations and how technologiest are working today.

Subscribe

About the Author

Rackspace Technology Staff - Solve

The Solve team is made up of a curator team, an editorial team and various technology experts as contributors.

The curator team:

  • Eric Miller, CTO, Rackspace Technology
  • Jeff...

Read More

Sign up for the Solve newsletter

The Solve monthly newsletter brings thoughtfully curated IT insights from analysts, influencers and experts — directly to you.

Subscribe Now