Is it possible to implement Zero Trust in a 100% remote company?

Security & GRCCulture & Values
3.3k views3 Upvotes6 Comments
Director of IT in Manufacturing, 1,001 - 5,000 employees
I believe in most companies you can implement principals of Zero Trust across the environment. You will rarely be able to accomplish a pristine Zero Trust environment for varying reasons so the key is to take the core principals of zero trust and try to apply them to your environment, particularly the aspects around microsegmentation, least privilege and least access. Microsegmentstion isn’t impossible to implement, even at on a host to host basis.

Use hypervisor or cloud based network ACL like AWS security groups, use host base firewalls with appropriately restrictive rules, where possible use firewall control planes across environment segments (dev, test, prod, workstations, etc.
3
Director Of Technology in Education, 51 - 200 employees
Yes. If you don’t “trust” the employees laptops or smartphones and make them login/verify identity EVERY time they use those devices. Possible but not very practical for daily use.

If their work provided laptop or personal mobile device is trusted then it isn’t 100% ZERO TRUST. If someone steals the laptop or mobile device and it’s trusted…
4
CEO, MSSP - High Assurance Cybersecurity SOC in Services (non-Government), 1,001 - 5,000 employees
Yes, and that scenario is the poster child for ZT.
2
Director of IT in Software, 201 - 500 employees
Zero Trust can be implemented in any company, if you have 100% remote company then you absolutely need Zero Trust
2
VP of IT, Self-employed
Yes, absolutely, such environments are as if made to order for zero trust implementation using micro-segmentation platforms that can segment user to application, application to application both agent and agentless approaches, across data centers, multi-cloud and Kubernetes.
VP of IT & CISPO in Finance (non-banking), 201 - 500 employees
Absolutely. I would argue that it is needed more in a remote company.  

With remote organizations you don't have access or control over the networks your users connect from. You also don't have the fear of being seen mitigating some of their actions.  In this type of environment Zero Trust is critical.  
1

Content you might like

Can ISO 27001 compliance be considered as benchmark for security maturity of an organization?

Governance, Risk & ComplianceSecurity & GRC

Yes87%

No13%


157 PARTICIPANTS
1k views

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
143 19 Replies
Read More Comments
47.2k views133 Upvotes326 Comments

What services matter most (or are your favorite) in alignment with your cloud provider? i.e. Database/warehouse (like Redshift), analytics, AI/ML…

Strategy & ArchitectureCloudEnd-User Services & Collaboration+24 more
Read More Comments
2k views3 Upvotes2 Comments

Have you been able to successfully integrate AI/ML into your enterprise search? What were your greatest challenges or failures in doing so?

Strategy & ArchitectureEnd-User Services & CollaborationApplications & Platforms+25 more
Read More Comments
1.8k views3 Upvotes2 Comments

So many improvements in an organization depend on not just talking about change, but actually implementing change - specifically: - improving culture - especially at the individual level around owning and delivering on concrete goals or everyday processes - strong accountability - especially around tasking, outcomes and ownership to get-things-done - rising productivity - especially around digital-first and digitally-savvy behaviors like asynchronous work, and peer-to-peer knowledge transfer - continuous improvement in processes - especially via crowdsourced ideas for improvement becoming adopted by everyone - continuous innovation - especially in a way that's process-driven so that lots of ideas can go through a pre-designed funnel  Which of the following are true, in your organization?

People & LeadershipStrategy & ArchitectureCloud+15 more

Accountability - There's no system for accountability - we just rely on people keeping their word33%

Innovation - There's a structured process to contribute an idea and see the eventual outcome and decisions53%

People - Our company finds it difficult to do any of the above33%

People - Laggards hold things back but certain people and teams make it happen31%

General - We find it difficult to do any of the above15%

IT - We are held back from most of the above by legacy systems and a dependence on IT24%

Processes and Workflow - We've reached a point where email, chat and documentation have been replaced with accountable tasking and repeatable processes17%

Processes and Workflow - We publish processes or documentation and try to keep it up-to-date13%

Something else (comments below)1%


617 PARTICIPANTS
5k views6 Upvotes2 Comments