Galeal Zino, CEO of networking security vendor NetFoundry

A Zero Trust security model, which imposes strict access controls and does not trust anyone by default, is the best way for organisations like banks to secure themselves in the multi-cloud era, an expert has claimed.

Traditional security postures have been mainly based on perimeters, where traffic inside an enterprise network was trustworthy, but traffic outside the perimeter was not, pointed out Galeal Zino, CEO of networking security vendor NetFoundry: “However, this is no longer a secure or agile enough posture,” he added. “The premise of Zero Trust is that an organization can no longer risk automatically trusting data based on its location, and instead must implement a role-based access control [RBAC] method which enforces least privilege access application connections. Businesses know they need the security of a Zero Trust architecture, but the problem organizations are grappling with is how to achieve Zero Trust application connections across wide area service meshes comprised of multi-cloud, hybrid cloud, IoT, B2B and connected supply chains?”

Networking methods such as MPLS WAN, SD-WAN and VPN, he said, operate at a coarser level than least privilege access with fine-grained RBAC, and often require bespoke solutions for different environments without the ability to automate them and integrate them with the apps.

by Guy Matthews