zero trust

Protecting your organization using a Zero Trust framework

It’s time to apply a Zero Trust approach to everything — including people, devices, code and solutions.

“Zero Trust needs to be applied to everything, every person, every device, every code that you write, or that you buy, and you need to put the right protections above it, behind it, in between it, to monitor behavior, to make sure that it's doing what it says it's supposed to do.”

Rackspace Technology Chief Technology Evangelist and podcast host Jeff DeVerter summed up the all-encompassing Zero Trust approach that organizations need to be taking. In the latest Cloud Talk podcast episode, Jeff is joined by Gary Alterson, Rackspace Technology Vice President of Security Services as they explore what Zero Trust security is.

The old ways are no longer enough to keep environments secure. Alterson describes how, for example, passwords are failing to provide protection. “Now due to the ability to phish, or even just go harvesting on the dark web, passwords have lost a lot of meaning as a modicum for identifying whether or not somebody is who they say they are and whether they are trustworthy.”

So, where do you begin with a Zero Trust approach? Alterson explains, “It's a framework or philosophical approach to how you build systems, applications and solutions. And the idea is that you validate the trustworthiness of the components, whether that's an individual or a piece of software.”

One of the ways to bolster security does indeed involve solutions. “There are solutions in the remote access, authentication and identity space that support a Zero Trust approach. The same thing is true in internal networking. And all these pieces come together for a solution that helps implement the Zero Trust framework,” says Alterson.

They also discuss additional ways to protect your organization, including:

  • Incorporating an identity story to validate patterns of authentication
  • Using microsegmentation to apply constraints between devices
  • Validating and scanning code before placing it in workloads
  • Training developers to write secure code
  • Implementing DevSecOps to ensure code is built securely in the DevOps environment

When it comes to the cloud hyperscalers, they all have the tooling to support security — but it’s not the same as a Zero Trust approach. But Alterson predicts, “Check back in a couple of quarters from now and there will be a solution. And there are third-party technology solutions and things you can build yourself as well.”

Listen & Follow

 

Join the Conversation: Find Solve on Twitter and LinkedIn, or follow along via RSS.

Stay on top of what's next in technology

Learn about tech trends, innovations and how technologists are working today.

Subscribe

zero trust e-book

E-book: Zero Trust Security Workbook

About the Authors

rackspace logo

Rackspace Technology Staff - Solve

The Solve team is made up of a curator team, an editorial team and various technology experts as contributors. The curator team: Eric Miller, CTO, Rackspace Technology Jeff DeVerter, Chief Technology Evangelist, Rackspace Technology Taylor Bird, VP, Technical Strategy, Rackspace Technology The editorial team:  Aly Hayes, Program Manager Larry Meyer, Creative Management Mike Rastiello, Product Manager  Royce Stewart, Chief Designer  Simon Andolina, Design Tim Mann, Design Debbie Talley, Production Manager  Nell-Marie Colman, Editor  Chris Barlow, Editor  Chris Schwartz, Editor & Producer  Daniel Jamieson, Writer Liz Staplefoote, Writer Brooke Kaczmarek, Social Media Manager 

Read more about Rackspace Technology Staff - Solve