National Security Agency unveils zero-trust security model guidance: 5 guidelines

National Security Agency unveils zero-trust security model guidance: 5 guidelines

Posted March 2, 2021

National Security Agency unveils zero-trust security model guidance: 5 guidelines

  • The zero-trust security model is a coordinated system strategy that assumes breaches are inevitable or have already occurred.
  • Five guidelines for implementing the zero-trust model:
    1. The zero-trust system relies on network users to never trust any user, device or application and to always verify authenticity.
    2. Users should assume that the adversary already has a presence in the network.
    3. Apply security policies across all domains (mobile, LAN, WAN, etc.).
    4. Embrace multi-factor authentication for users to make stealing credentials more difficult.
    5. Incorporate zero-trust architecture incrementally in a strategic plan to avoid increased vulnerabilities during the transition.

– Hannah Mitchell | March 2, 2021