
Putting Identity at the Center of Zero Trust

Identity is a foundational building block of Zero Trust. Here's how to build your Zero Trust strategy with identity at the center.

by Jackson Shaw · Oct. 27, 22 · Opinion


The modern enterprise is under attack. The question is when, not if, your business will be breached. Gone are the days when cybersecurity revolved around on-premises applications that needed protection from external threats. The times when employees and contractors accessed everything they needed while on your network or in your building are over.

The Current State of Cybersecurity

With evolving digital transformation efforts, remote and hybrid working environments, and growing cloud-first infrastructure, organizations are changing how they do business; simply relying on a network perimeter is no longer sufficient. Organizations—public and private—need to provide access from anywhere, at any time, from any device, service, or application to support business. 

As a response, the federal government has set forth a strategy for federal agencies that provides actionable guidance to private sector companies. This commitment sets forth a Zero Trust Architecture (ZTA) that requires government agencies to meet specific cybersecurity standards and objectives to reinforce the government’s defenses against increasingly sophisticated and persistent threat campaigns. The Biden Administration’s Executive Order and Executive Memorandum on improving the nation’s cybersecurity are further attempts to improve best practices for addressing cyber threats. 

Clearly, leaders need to be more vigilant than ever about their defenses, and implementing a Zero Trust strategy is a great place to start. However, with its buzzworthy allure and silver bullet positioning, the promise and practice of Zero Trust are often misconstrued. So, how can we cut through the noise and start realizing its value? We can start by setting expectations. 

Zero Trust Explained 

As defined by the National Institute of Standards and Technology (NIST), “Zero Trust is a security paradigm that replaces implicit trust with continuously assessed explicit risk and trust levels based on identity and context supported by security infrastructure that adapts to risk-optimize the organization’s security posture.” Trust is essentially not given—it must be earned through a given vetting process.  

But Zero Trust isn’t just about changing security paradigms—it’s about challenging business culture. Always-on access must now be tempered with just enough and just-in-time access to help reduce both insider threats and hackers searching for privileged accounts. An architecture built on “never trust, always verify” is far better suited to delay or even prevent a full-scale data breach. This is not possible without a strong identity governance program.

Gartner states that “having a robust identity access foundation is a key prerequisite for success.” In fact, The National Cybersecurity Center of Excellence takes it a step further and states that “Enhanced Identity Governance is seen as the foundational component of a Zero Trust Architecture.” Experts and analysts agree that identity is a foundational building block of a successful Zero Trust rollout. Here’s why: 

Why Identity Is Critical  

Identity acts as the connective tissue between optimal workflow and security by ensuring the right employees and contractors have access to the right applications and systems to perform their jobs. A weak identity strategy can result in compromised data, labor-intensive practices, and manual audits that can take months or longer to perform. This creates major security gaps that organizations can’t afford to leave unattended.

Identity governance lets you know what access employees and contractors should have inside your organization. When done right, this can automate security access quickly, efficiently, consistently, and accurately at scale. Further, a cloud-based identity governance solution can be even more beneficial, bringing faster time-to-value via seamless integrations and a gentler learning curve for employees.

One of the most effective ways to implement a successful identity governance program is through an existing IT Service Management (ITSM) system. The good news is that 47% of knowledge workers already turn to ITSM to power part of their identity programs. Unfortunately, manual, insecure, and error-prone methods like email (50%) and spreadsheets (32%) are the biggest competitors here (Gradient Flow). Ultimately, more organizations than not are leaving money on the table and increasing risk. 

There is an excellent opportunity for businesses to take stock of their current tech stack and see where identity fits in, giving way to a more cohesive Zero Trust initiative. Identity plays an essential role in enforcing trust beyond the network down to the user, device, service, and application levels. Rather than being viewed as a box to check, identity governance and security should be treated as both a critical business function and a vehicle to achieve Zero Trust.

While many challenges stand in the way of a Zero Trust implementation—lack of understanding, shifting business priorities, and IT resources, to name a few—it's important to remember it’s a marathon, not a sprint. A complete tech overhaul is not necessary or recommended to get your Zero Trust program off the ground. 

Understand what functionality is available within your ITSM platform, start taking agency over who has access to what within your organization and how it’s managed, and go from there. Change is hard, but a grounded identity program can get you well on your way in your Zero Trust journey.

Opinions expressed by DZone contributors are their own.
