Zero Trust Paradigm for the Future of Security

Welcome to my podcast. My name is Martin Ko. There's a lot of talk about zero trust environments in it, and it security these days and there's a logic behind it. So with the experience of work from home, we trust recently had to have, and many organizations, many people had to work from home and still have to work from home. The, there was apparently a situation where many people also needed to work as a, bring your own device approach, bringing their own use in their own computers, using their own bios at home, accessing resources of corporations. And so there's a logic of this leading towards a far stronger adoption of the zero trust paradigms in security and changing the way we do it at the end of the day in a shift away from traditional on-premise data centers towards using as a service deployment models. Why is this?
Because at the end, the easiest way is to think in, we have devices which access a service. Unfortunately, we can't trust these devices that much we can't trust the networks these devices are in, but that's the reality by the way, not only in work from home scenarios, but also in, in everything mobile user is doing, the mobile user might use might be required to use an insecure network. Yes, we can add an extra layer of protection, etcetera. There might be this, or there are just reality for years right now, this bring your own device scenarios where people use own devices. So let's reflect this and think in a way where we say, okay, we have device, we need to understand how secure insecurity is. We need to ensure that our information secure help in somewhere where it's accessible, including the service being accessible and then apply the required security measures.
Don't trust the device, don't trust the internal network anymore. We can't trust that we have device is accessing services and think in, in a level, in a way where we say, okay, the device not necessarily secure the network, not necessarily secure. We try to understand how secure it is and then apply appropriate measures of protection to these environments. This is basically the zero trust thinking. Don't trust, verify the trust and apply adequate security measures, but we can do a lot with saying, okay, in fact, we are able to say, this is access from this device. Data always store somewhere in the cloud in as secure, possible location, accessible from everywhere. And then
We applied the, the security measures. We applied a multifactor authentication, adaptive authentication, which varies, varies depending with the, depending on the level of trust. And we built this networks. I think the time really recently has taught us that approaches, which try to go through the internal network, connect everything back, et cetera. They are not flexible enough to deal with specific scenarios we just had or have as well as they're not flexible enough to reflect the reality of work and how work happens these days. So let's really shift us, move to zero trust paradigm. Consequently, thank you for listening to me.