How has your zero trust strategy shifted in the last year, if at all? (And if nothing’s changed, how are you thinking about evolving it in the next year or so?)
Sort by:
Director of Information Security in Services (non-Government)2 years ago
As business goals and strategies are remaining fluid, the approach to zero trust follows as well. The goal of replacing a VPN solution with a solution that also simplifies security management is a high priority. Continuous authentication of sessions regardless of the user's physical location is still a top concern.
Director Information Security in Healthcare and Biotech2 years ago
There are components of zero trust we're working on adopting, but overall, it's not a core focus given other priorities. There's a lot of investment required to get to true zero trust along with a shift in user behavior that takes time.
We're accelerating our journey, rather than changing it, by adding more capabilities for users to securely access core services from wherever they're working, with least privilege access, and greater visibility and control around data access and flows. That's a lot of buzz words, but the goal is a technical platform that can be as agile as the business needs it to be, with the appropriate security controls and monitoring in place around that access and activity.
In short, Zero-Trust efforts are enabling us to operate with more agility in more places, so we're moving faster to get them deployed and operationally effective.