Zero Trust and SASE

Wisdom can come from unusual sources, even the lyrics of classic rock bands from my youth. The band Pink Floyd, in their song “Dogs” from the 1977 album “Animals,” noted, “You have to be trusted by the people that you lie to so that when they turn their backs on you, you’ll get the chance to put the knife in.”

This lyric reminds us of something important about trust: it creates vulnerability. We let our guard down at our peril. This simple truth is the foundation of a network security philosophy known as Zero Trust.

Assume the Worst

Despite the name, Zero Trust doesn’t mean nothing is trusted under any circumstances. It means trust is not implicitly granted and never more than necessary for a particular user or device to accomplish its function. It is a suspicious posture, assuming all networks are untrustworthy, potentially even hostile, including those running on company infrastructure inside branch offices.

It requires users and devices to be explicitly authenticated, where possible using multi-factor authentication. And it dynamically assesses “trustworthiness,” so user actions that might be permissible from a company-managed laptop plugged into a company-managed Ethernet switch might be disallowed when attempted from an unmanaged device over a public WIFI network at a coffee shop or airport.

By assuming the worst, Zero Trust architecture minimizes the risk of compromise and limits the potential harm a compromise might cause.

Zero Trust and SASE

The fact that Zero Trust is an essential ingredient in the Secure Access Service Edge (SASE) framework should come as no surprise. SASE is tailored to the modern enterprise, where more users may be remote than in offices and more applications and data may be in the cloud than in the data center.

SASE provides security in a world where the Internet is the WAN and traditional notions of security perimeters are obsolete. It is a world in which the suspicions of Zero Trust are manifestly justified. SASE without Zero Trust would be a recipe for disaster. Trust me.

À propos de GTT

GTT connects people across organizations, around the world, and to every application in the cloud. Our clients benefit from an outstanding service experience built on our core values of simplicity, speed, and agility. GTT owns and operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. We also offer a complementary portfolio of managed services, including managed SD-WAN from leading technology vendors.

RELATED CONTENT

Aerial Car Factory 3D Concept: Automated Robot Arm Assembly Line Manufacturing Advanced High-Tech Green Energy Electric Vehicles. Construction, Building, Welding Industrial Production Conveyor
Blog

SD-WAN in Manufacturing

Next-generation networking will help manufacturing companies respond quickly to rapid change and enable broader transformation. A recent survey by IDC* sponsored by GTT took the pulse of the industry across the U.S. and Europe to find the top drivers for transformation. Manufacturing enterprises that use a managed SD-WAN service do so for a wide variety of reasons: the top 2 are managing technology upgrades and getting better protection against security threats. Read the paper for more.

Blog Featured Image
Blog

Five reasons for Managed Detection and Response

This new blog from global director of security products at GTT, Erik Nordquist, looks at the myriad reasons MDR can save you time and money, while looking for threats 24/7.

Blog Featured Image
Blog

5 Tips for Defending Against DDoS Attacks

A blog that discusses the evolution and increasing sophistication of DDoS attack, and the steps to take and tools to implement that will help mitigate that threat.

Our Gartner Rating

Gartner Peer Insights Reviews
4.2


62 Reviews

88%
as of the last 12 months