I feel like zero trust doesn’t completely get rid of the need for traditional perimeter security.
I see perimeter security as the foundation you would build a zero trust concept on.
Am I completely wrong? Would enterprises really make crucial management interfaces “publicly available” behind zero trust mechanisms? Let’s say the management address/interface of your ESXi host. Wouldn’t this create “locked doors” out of something that previously was a concrete wall, making it easier for potential entry?
Zero Trust always sounds like only applications and/or services the “end user” would use will be made available via the mechanisms zero trust provides, not the management, server, database interface or whatever else there is on the back that’s going on. I would expect there to be stuff that would possibly still need physical connection to the company network or rather a really well secured remote access service.
Am I wrong in this? I really have a hard time understanding how zero trust looks in practice. And it also feels like zero trust brings tons of potential for security breaches.