{"id":2760,"date":"2022-03-04T07:14:13","date_gmt":"2022-03-04T07:14:13","guid":{"rendered":"https:\/\/sagaratechnology.com\/blog\/?p=2760"},"modified":"2022-03-04T07:39:17","modified_gmt":"2022-03-04T07:39:17","slug":"zero-trust-security-for-business-security","status":"publish","type":"post","link":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/","title":{"rendered":"Zero Trust Security For Business Security"},"content":{"rendered":"\n<p><\/p>\n\n\n\n<p>Zero Trust Security systems, known by many as security infinity, which applies an approach to the design and implementation of IT systems. A trusted security model by eliminating trust, whose job is to prevent cyber attacks such as data leaks by eliminating the concept of &#8220;trust&#8221; from the company&#8217;s network architecture,<\/p>\n\n\n\n<p>In 2018, US <a href=\"https:\/\/sagaratechnology.com\/blog\/cybersecurity-in-the-workplace-tips-for-2022\/\">cybersecurity<\/a> researchers at <a href=\"https:\/\/www.nist.gov\/\">NIST<\/a> and <a href=\"https:\/\/www.nccoe.nist.gov\/\">NCCoE<\/a> published SP 800-207, Zero Trust Architecture. From that publication, Zero Trust is defined as a collection of concepts and ideas designed to reduce uncertainty in enforcing accurate access per request decisions on information systems and services to deal with networks that are deemed to have been hacked.&nbsp;<\/p>\n\n\n\n<p>Zero Trust Security is a security system with an architectural model that is widely applied by various companies to strengthen their infrastructure.<\/p>\n\n\n\n<p>Today, Zero Trust can mean many things to people. There are three principles that define Zero Trust Security.<\/p>\n\n\n\n<p>First, can be a means of setting a posture for gaining access to applications and network resources (regardless of the source).<\/p>\n\n\n\n<p>Second, serves as an architectural model for how companies manage elements in network, application, and identity environments to improve security posture through a \u201cno trust by default\u201d model.<\/p>\n\n\n\n<p>Third, can be a context model to eliminate binary decision-making in providing application and service actions by considering access request conditions.<\/p>\n\n\n\n<p>These principles apply to all entities that can threaten both internally and externally.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-69e16acf63fa6\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-69e16acf63fa6\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Why_Zero_Trust_Security\" >Why Zero Trust Security?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#The_Concept\" >The Concept<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Zero_Trust_Security_Framework\" >Zero Trust Security Framework<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Identity\" >Identity<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Device\" >Device<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Data\" >Data<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Application\" >Application<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Infrastructure\" >Infrastructure<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#Network\" >Network<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Why_Zero_Trust_Security\"><\/span><strong>Why Zero Trust Security?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Zero Trust Security has proven to be more effective than traditional perimeter-based or secure zone-based models that have until recently been used as the basis for the concept of securing corporate assets. Many companies are still using the old concept. The old concept divides business perceptions into two zones: the internal zone or safe zone, which is considered the safest zone with a fairly high level of trust, and the external zone, known as the dangerous zone and full of cyber threats.<\/p>\n\n\n\n<p>But ironically, it is precisely the internal zone that has been known as the safest zone that has received many cyber attacks. The potential for leakage of company data is not from external zones which in fact are controlled by the majority of hackers, but from the company&#8217;s employees themselves because their lack of knowledge of data security makes them vulnerable to various types of cyber threats.<\/p>\n\n\n\n<p>We can see from this case that Zero Trust Security enterprise protection is important for companies because it is more modern and can adapt to increasingly complex IT environments ranging from remote security, protecting workers, devices, applications, and data wherever the company is located.<\/p>\n\n\n\n<h2><span class=\"ez-toc-section\" id=\"The_Concept\"><\/span><strong>The Concept<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Anything behind a corporate firewall is not secure. Because it constantly verifies requests as if the request came from an open network. Therefore, Zero Trust Security emphasizes not to trust all types of requests, regardless of their origin.<\/p>\n\n\n\n<p>Zero Trust Security will also authenticate, authorize and encrypt each request before granting permission. Not only that, but it also has the principle of rights and micro-segmentation to reduce the risk of intrusion on the network, as well as the intelligence and analysis used to respond to irregularities directly.<\/p>\n\n\n\n<h2><span class=\"ez-toc-section\" id=\"Zero_Trust_Security_Framework\"><\/span><strong>Zero Trust Security Framework<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Zero Trust Security has a framework to make it well-managed for business security. The following is the framework contained in this security model<\/p>\n\n\n\n<h3><span class=\"ez-toc-section\" id=\"Identity\"><\/span><strong>Identity<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>It is important to know who needs access and ensure a clear identity.<\/p>\n\n\n\n<h3><span class=\"ez-toc-section\" id=\"Device\"><\/span><strong>Device<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Requests related to data access to existing browsers and applications must be ensured from verified devices.<\/p>\n\n\n\n<h3><span class=\"ez-toc-section\" id=\"Data\"><\/span><strong>Data<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Protect data from unauthorized transfers by utilizing the auto-classification step and encryption process.<\/p>\n\n\n\n<h3><span class=\"ez-toc-section\" id=\"Application\"><\/span><strong>Application<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Application access and configuration must be secure with defined policies. Not only that but the behavior of the application must also be monitored to prevent it from suspected irregularities.<\/p>\n\n\n\n<h3><span class=\"ez-toc-section\" id=\"Infrastructure\"><\/span><strong>Infrastructure<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Perform infrastructure settings and configurations based on the best steps, especially in the security aspect.<\/p>\n\n\n\n<h3><span class=\"ez-toc-section\" id=\"Network\"><\/span><strong>Network<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Just because a device is used on an internal network, don&#8217;t let it be trusted. Encrypt internal communications and restrict access according to policy, and implement micro-segmentation and threat detection in real-time.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Zero Trust Security systems, known by many as security infinity, which applies an approach to the design and implementation of IT systems. A trusted security model by eliminating trust, whose job is to prevent cyber attacks such as data leaks by eliminating the concept of &#8220;trust&#8221; from the company&#8217;s network architecture, In 2018, US cybersecurity&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2761,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[2,297,128,282,124],"tags":[112,127,98,33],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Zero Trust Security For Business Security - Sagara Asia Blog<\/title>\n<meta name=\"description\" content=\"Zero Trust Security known by many as security infinity, which applies an approach to the design and implementation of IT systems.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Zero Trust Security For Business Security - Sagara Asia Blog\" \/>\n<meta name=\"twitter:description\" content=\"Zero Trust Security known by many as security infinity, which applies an approach to the design and implementation of IT systems.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2022\/03\/BusinessDriversZeroTrustSecurity.png\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"dazzakah\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zero Trust Security For Business Security - Sagara Asia Blog","description":"Zero Trust Security known by many as security infinity, which applies an approach to the design and implementation of IT systems.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/","twitter_card":"summary_large_image","twitter_title":"Zero Trust Security For Business Security - Sagara Asia Blog","twitter_description":"Zero Trust Security known by many as security infinity, which applies an approach to the design and implementation of IT systems.","twitter_image":"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2022\/03\/BusinessDriversZeroTrustSecurity.png","twitter_misc":{"Written by":"dazzakah","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#article","isPartOf":{"@id":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/"},"author":{"name":"dazzakah","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/person\/7425111422eb76dd4b88fef33e161b35"},"headline":"Zero Trust Security For Business Security","datePublished":"2022-03-04T07:14:13+00:00","dateModified":"2022-03-04T07:39:17+00:00","mainEntityOfPage":{"@id":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/"},"wordCount":673,"commentCount":0,"publisher":{"@id":"https:\/\/sagaratechnology.com\/blog\/#organization"},"keywords":["business","Digital Business","Fintech","Technology"],"articleSection":["Business + Tech Solution","Cybersecurity","Informasi Bisnis","Informasi Digital","Technology"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/","url":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/","name":"Zero Trust Security For Business Security - Sagara Asia Blog","isPartOf":{"@id":"https:\/\/sagaratechnology.com\/blog\/#website"},"datePublished":"2022-03-04T07:14:13+00:00","dateModified":"2022-03-04T07:39:17+00:00","description":"Zero Trust Security known by many as security infinity, which applies an approach to the design and implementation of IT systems.","breadcrumb":{"@id":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/sagaratechnology.com\/blog\/zero-trust-security-for-business-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sagaratechnology.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Business + Tech Solution","item":"https:\/\/sagaratechnology.com\/blog\/category\/tech-business\/"},{"@type":"ListItem","position":3,"name":"Zero Trust Security For Business Security"}]},{"@type":"WebSite","@id":"https:\/\/sagaratechnology.com\/blog\/#website","url":"https:\/\/sagaratechnology.com\/blog\/","name":"Sagara Asia Blog","description":"Dapatkan Informasi Seputar Teknologi dan Bisnis","publisher":{"@id":"https:\/\/sagaratechnology.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sagaratechnology.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sagaratechnology.com\/blog\/#organization","name":"Sagara Technology","url":"https:\/\/sagaratechnology.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2021\/10\/sagara-logo.jpeg","contentUrl":"https:\/\/sagaratechnology.com\/blog\/wp-content\/uploads\/2021\/10\/sagara-logo.jpeg","width":200,"height":200,"caption":"Sagara Technology"},"image":{"@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/sagara-asia\/"]},{"@type":"Person","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/person\/7425111422eb76dd4b88fef33e161b35","name":"dazzakah","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sagaratechnology.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d059363987f08ca6599822ee4e6f6f2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d059363987f08ca6599822ee4e6f6f2?s=96&d=mm&r=g","caption":"dazzakah"}}]}},"_links":{"self":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts\/2760"}],"collection":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/comments?post=2760"}],"version-history":[{"count":3,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts\/2760\/revisions"}],"predecessor-version":[{"id":2765,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/posts\/2760\/revisions\/2765"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/media\/2761"}],"wp:attachment":[{"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/media?parent=2760"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/categories?post=2760"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sagaratechnology.com\/blog\/wp-json\/wp\/v2\/tags?post=2760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}