Architecturally speaking, cloud-native applications are broken down into smaller components that are highly dynamic, distributed, and ephemeral. Because each of these components is communicating with other components inside or outside the cluster, this architecture introduces new attack vectors that are difficult to protect against using a traditional perimeter-based approach.
“Zero trust” still confuses people—and for good reason. While the term conveys a certain absolute authority (“zero,” “nope,” “nothing”), contemporary approaches offer much more nuanced capabilities. And while zero trust today is typically associated with security initiatives, the concepts have their origin in the definition of network perimeters, who is granted access, and how that access is provided.
Can’t see the forest through the trees. Can’t tell the ransomware from the apps. Can’t contain the malware if you can only see parts of the network. Ransomware hackers have several different tools in their toolbelt to gain access to a computer and then a network. Common exploits include email phishing campaigns, remote desktop protocol (RDP) vulnerabilities, and software vulnerabilities.
By Nate Smolenski In May, the National Institute of Standards and Technology (NIST) released the white paper, “Planning for a Zero Trust Architecture,” which illustrates how agencies can make this transition by leveraging the seven steps of the NIST Risk Management Framework (RMF): Prepare, categorize, select, implement, assess, authorize, and monitor.
Moving to a new home is listed as one of the main stressors in life. When organizations switch offices to accommodate business needs, moving can also be a major stressor for IT teams — but it doesn’t need to be. Not too long ago we moved our Boston office to a new location, one of our major engineering hubs, where many of our engineers and IT members work.
