What is Zero Trust Architecture?
And why should I care?
Traditional network security uses firewalls that separate sensitive internal systems from external networks and the Internet.
A critical flaw in the traditional approach is that if malicious actors can get through the firewall, they have access to the internal systems behind it.
Security professionals have advocated towards a model where access to all systems from all network locations is considered untrusted until proven otherwise.
In 2010 then-Forrester analyst John Kindervag coined the term “Zero Trust” for this stricter model of security architecture.
Tetrate helps author and implement Zero Trust security standards
Since 2019, NIST has developed standards for Zero Trust Architecture in a series of publications, including two co-authored by Tetrate founding engineer Zack Butcher.
- NIST Special Publication (SP) 800-207 provides a standard definition of Zero Trust Architecture
- SP 800-204a and SP 800-204b provide NIST standards for security in microservices-based information systems.
Tetrate implements these standards in its application connectivity platform, Tetrate Service Bridge (TSB).
- Ensures/facilitates authenticated, authorized communication between every part of an application.
- Implements next-generation attribute-based access control for fine-grained, dynamic authorization
- Offers centralized policy authorship with global enforcement
In a move spurred into high gear by the executive order, Tetrate has accelerated hiring and development of enhanced service offerings to help enterprises implement Zero Trust.