Does implementing Zero Trust mean sacrificing usability?

CISO in Healthcare and Biotech, 4 years ago

In the way we approached zero trust, it just meant more training prior to full go-live to prevent users from getting frustrated.

CTO in Software, 4 years ago

By itself it doesn't mean anything. It's an approach, a security model that can be applied to a specific area (e.g. ZTN) or broadly across the Enterprise. As was already noted in other comments, it's about eliminating any explicit or implicit trust and focusing on verifying everything (e.g. attestation of endpoints, authentication of users and connections, etc.). Based on the properties of the "as-is" and "to-be" environments and the specifics of the implementation, ZT can potentially improve usability or it can have the opposite effect.

Chief Security Officer in Software, 4 years ago

No. The whole point of zero trust is it should provide a better experience for your employees and therefore enhance usability.

Managing Partner in Services (non-Government), 4 years ago

When we're talking to the board, we ask, what are the assets that you want to protect, and what is it worth to you to protect them? Years ago I had top secret clearance and we had very secure computers that were tempested. You had to be in the physical room with a wire attached to that machine to talk to it. There were no outside connections. So we could make you very secure but your laptop will take 17 minutes to boot up while you go get a cup of coffee and do something else. Where do you work in usability?

You've got to prioritize what needs protecting. If our marketing communication (MarCom) gets compromised, do we care? No. But if a leading-edge semiconductor company’s latest design on lithography gets compromised, that’s a problem. But if hackers get your MarCom, you probably don't care. So not everything is equal. That’s when you need to have little insulated islands of smaller hard shells with soft centers because you've still got to have the soft centers to have functionality.

VP IT & Ecommerce in Finance (non-banking), 4 years ago

We have some zero trust capabilities within the office, it’s just that we have to turn those on and that’s the added inconvenience. We take pride in service, and if I need to service a policyholder immediately I can’t be without access or have to take time to figure out my dual-factor authentication. Even though it's become very easy, there is still that added hindrance.
