Building trust in a zero-trust world: Enhancing network security
Department of Computer Networking Rochester Institute of Technology, USA.
Research Article
World Journal of Advanced Engineering Technology and Sciences, 2023, 10(01), 202–221.
Article DOI: 10.30574/wjaets.2023.10.1.0115
Publication history:
Received on 14 May 2023; revised on 25 September 2023; accepted on 28 September 2023
Abstract:
This paper aims to introduce the concept of Zero Trust as a new-generation framework for protection against threats, comparing it with perimeter security measures. In the light of new and evolving complex threats, especially phishing, insider threats, and data theft, organizations have turned a new leaf. Users and devices are constantly verified in Zero Trust, which means the key concept of never trust; always verify in the system means severe threats and lateral moves in networks are minimized.
The work also examines the successes of Zero Trust as the strategy, Google’s BeyondCorp, and Capital One’s evolution in response to a breach, stressing its utility in protecting data and increasing organizational performance. Nonetheless, it is essential to examine the drawbacks of the Zero Trust model closely – this model is based on complex technology, the implementation of which requires significant investments; many users may also resist the introduction of Zero Trust; besides, the integration of Zero Trust with currently operating systems may also pose certain problems.
The study also suggests adopting a phased approach, focusing on people and culture, embracing human factors, and using micronized cloud services. Moving into the future, a continuous convergence with Artificial Intelligence, Cloud-Native Security, Security, and SASE reference architectures will be important in enhancing Zero Trust modularity and minimizing management complexities. When it comes to the application and making it more mainstream, handling legacy system integration will also be an issue to tackle. Thus, I have concluded that Zero Trust can offer a sound foundation for a proactive cybersecurity strategy that will hold up well in the challenging environment of the forthcoming years. However, the implementation of Zero Trust requires significant preparation and severe capital investment to address its difficulties.
Keywords:
Zero Trust; Insider Threats; Network Protection; Network Security; ZTA
Full text article in PDF:
Copyright information:
Copyright © 2023 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution Liscense 4.0