NIST Offers 19 Ways to Build Zero Trust Architectures

Excerpt:  “If you’re trying to secure your organization’s computer network from cyberattacks, traditional approaches may not work. Gone are the days when you could keep all your electronic assets inside a single building and construct a firewall between them and the wider internet. Now you have remote workers logging in from distant cities and cloud-based software applications running elsewhere in a data center. You’ve heard that your best bet for protecting all these far-flung assets is to create a zero trust architecture (ZTA), which assumes that no user or device can be trusted, regardless of its location or previous verification. So how do you start? Helping answer that question is the goal of newly finalized guidance from the National Institute of Standards and Technology (NIST). Implementing a Zero Trust Architecture (NIST Special Publication (SP) 1800-35) shows you how others have built ZTAs so that you can build your own. Developed through a project at the NIST National Cybersecurity Center of Excellence (NCCoE), the publication offers 19 example implementations of ZTAs built using commercial, off-the-shelf technologies. It also offers results and best practices from the 24 industry collaborators who participated in the project.”