This shows you the differences between two versions of the page.
|
dido:public:ra:xapend:xapend.b_stds:tech:nist:zta [2021/07/30 13:28] murphy |
dido:public:ra:xapend:xapend.b_stds:tech:nist:zta [2021/08/18 11:50] (current) murphy |
||
|---|---|---|---|
| Line 28: | Line 28: | ||
| applications, virtual and cloud components) and subjects (end-users, applications, and other nonhuman entities that request information from resources). Throughout this document, “subject” | applications, virtual and cloud components) and subjects (end-users, applications, and other nonhuman entities that request information from resources). Throughout this document, “subject” | ||
| will be used unless the section relates directly to a human end-user in which “user” will be | will be used unless the section relates directly to a human end-user in which “user” will be | ||
| - | specifically used instead of the more generic “subject.” Zero trust security models assume that an | + | specifically used instead of the more generic “subject.” [[dido:public:ra:xapend:xapend.a_glossary:z:zero-trust_model|Zero trust security models]] assume that an |
| attacker is present in the environment and that an enterprise-owned environment is no | attacker is present in the environment and that an enterprise-owned environment is no | ||
| different—or no more trustworthy—than any nonenterprise-owned environment. In this new | different—or no more trustworthy—than any nonenterprise-owned environment. In this new | ||
| Line 56: | Line 56: | ||
| processes.// | processes.// | ||
| - | Organizations need to implement comprehensive information security and resiliency practices | + | Organizations need to implement comprehensive [[dido:public:ra:xapend:xapend.a_glossary:i:is|information security]] and resiliency practices |
| for zero-trust to be effective. When balanced with existing cybersecurity policies and guidance, | for zero-trust to be effective. When balanced with existing cybersecurity policies and guidance, | ||
| identity and access management, continuous monitoring, and best practices, a ZTA can protect | identity and access management, continuous monitoring, and best practices, a ZTA can protect | ||
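Review bot: on the added line beginning "Organizations need to implement", the link target `xapend.a_glossary:i:is` is an abbreviation, whereas the other link in this revision uses a spelled-out ID (`z:zero-trust_model`). "IS" can also stand for "information system", so please confirm that `i:is` is the glossary entry for information security and not a neighbouring term. The page ID alone does not say which it is.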