Implementing Zero Trust Compliance

Jun 13 2019

What does a Zero Trust framework look like on the ground? On this episode of What It Means, we’re joined by Principal Analysts Renee Murphy and Chase Cunningham to explore the intersection of Zero Trust and compliance.

Featuring:

Renee Murphy, Principal Analyst, and Chase Cunningham, Principal Analyst

Show Notes:

At first glance, Zero Trust may seem like a compliance headache. If nothing can be trusted, then everything must be watched like a hawk. But Zero Trust recognizes that not all data is created equal. Some data will be more important and crucial to your business. Zero Trust, working in tandem with other advancements, can support a microsegmentation strategy that ensures that your most sensitive data is also your most protected.

With a perimeter-based strategy, differing treatment is impossible — any breach is a breach of everything. Zero Trust’s more nuanced approach to access changes the game but only with the right implementation. As Principal Analysts Renee Murphy and Chase Cunningham explain, there are two foundational steps to successful Zero Trust compliance: a mature data classification framework and shipshape identity and access management.

Think of business data like jewelry. While you might leave some cubic zirconia lying around in a dresser drawer, you store your great-grandmother’s diamond necklace in a safety deposit box. And while you may let dinner party guests mingle throughout the house, you won’t give each guest a key to that box. The same applies to your data: Not all data requires the same treatment. Finally, your compliance controls can reflect this.