Time
1 hour 17 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:01
so fundamental. Number four
00:03
every device, user and network flow must be authenticated and authorized.
00:09
Now real quick example of this.
00:11
How art imitates life. My youngest daughter is still in daycare, and no matter how many times I've held conversations with the receptionist
00:19
and how friendly we have become, I cannot access the lobby, the infant or toddler hallway, or even the classrooms without authenticating with my own very pin.
00:29
Now security doesn't stop or get relaxed after I passed the lobby area, right, But it continues throughout all the zones in that daycare facility.
00:38
This authentication is also required by trusted staff and not just
00:43
parent's or grandparent's. And that's what we see with zero trust.
00:49
Fundamental Number five
00:51
policies must be dynamic and calculated from any source or as many sources
00:57
of data points as possible.
01:00
So right before my wife gets on the road, she always checks Google maps to avoid traffic jams and identifies the safest and quickest way to our destination.
01:08
She isn't relying on our own judgment in the morality with our city to get her from point A to point B,
01:15
she doesn't allow her own knowledge and experience to determine what route she takes.
01:19
She considers other sources,
01:23
which results in a safer and better job experience for her and our Children.
01:26
And so zero trust models wanted to the same one allow nor denying access for our users,
01:33
devices, applications and our network traffic.
01:37
So let's look back at what we covered in this section. We discussed fundamentals 34 and five,
01:44
and those fundamentals are network. Locality is not sufficient
01:48
for deciding trust in a network.
01:51
Every device, user and network flow must be authenticated, unauthorized
01:55
and policies must be dynamic and calculated from his many sources of data as possible.
02:01
Now we also talked about ze scaler and how they embrace zero trust into their security products.
02:08
Primarily these girl private access,
02:12
much more head stay tuned.
02:15
So thank you so much for staying with me. We're back with another pop quiz. Just another learning check
02:23
reference in this section that we just went over.
02:25
So our first question here is, what zone does traditional networks place? Sensitive Data
02:30
number two
02:32
Does e skater claim that there's the scale of private access? Solution can replace traditional virtual private networks, and number three, how many sources of data should be used to calculate data to create policies. All of this we touched on. So you should have a pretty good idea of what those answers are.
02:51
So let's go ahead and take a look at what I got on the next slide.
03:00
So what we've got for our first question,
03:02
what zone does traditional networks play? Sensitive data? It's the privilege zones, right? We talked about that in our analogy. Um, where Ah privilege zone, if you were in a home, was probably your bedroom, and that's where your wallet would be. Your your medical records potentially would be, um,
03:23
and that sensitive data stays in an area where is it's very privileged, and we see that on our traditional networks today,
03:30
where we have P. C I and Hip A data in a privilege zone.
03:34
We move on to question number two. Does the scaler claim that their Izzy's killer private access solution can replace traditional
03:40
virtual private networks? And the answer is yes. Again, it's a solution that I think you all should check out when it comes to zero trust. You know, we focus a lot on how third party vendors, whether it's with target home depot were breached and that caused
04:00
reputational damage, financial loss
04:02
all because of
04:04
remote access solutions that weren't secure and put a lot of trust in those third parties. We move on to question number three. How many sources of data should be used to calculate data to create policies and in zero trust as many as possible. We used the analogy in the storytelling
04:23
about going through a drive through
04:25
and making sure that you didn't have your cashier. Um, you know, check your bag, but you would check it as well, or you would check it together. So Maur more vantage points, More data points. More sources of data on a CZ, many as possible is gonna help you
04:42
come to the best conclusion when you come to creating policies
04:46
that deny or allow access. Thanks so much for sticking with me.

Up Next

Zero Trust Networks

In the Zero Trust Networks training course, students will be introduced to the basics of the zero trust model as it’s applied to users, devices, applications, and network traffic. The course covers zero trust concepts used to protect a company’s networks.

Instructed By

Instructor Profile Image
Mario Bardowell
Instructor