{"id":36902,"date":"2023-08-04T23:04:52","date_gmt":"2023-08-04T23:04:52","guid":{"rendered":"https:\/\/zpesystems.com\/?p=36902"},"modified":"2023-08-09T15:03:10","modified_gmt":"2023-08-09T15:03:10","slug":"zero-trust-security-architecture-zs","status":"publish","type":"post","link":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/","title":{"rendered":"Zero Trust Security Architecture"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.17.4&#8243; _module_preset=&#8221;default&#8221; da_disable_devices=&#8221;off|off|off&#8221; global_colors_info=&#8221;{}&#8221; da_is_popup=&#8221;off&#8221; da_exit_intent=&#8221;off&#8221; da_has_close=&#8221;on&#8221; da_alt_close=&#8221;off&#8221; da_dark_close=&#8221;off&#8221; da_not_modal=&#8221;on&#8221; da_is_singular=&#8221;off&#8221; da_with_loader=&#8221;off&#8221; da_has_shadow=&#8221;on&#8221;][et_pb_row _builder_version=&#8221;4.21.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.17.4&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_image src=&#8221;https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg&#8221; alt=&#8221;The words zero trust in a circle with simulated computer architecture as the background.&#8221; title_text=&#8221;The words zero trust in a circle with simulated computer architecture as the background.&#8221; _builder_version=&#8221;4.21.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_text _builder_version=&#8221;4.21.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<p>In today\u2019s economy, businesses can\u2019t afford to neglect their cybersecurity architecture. According to a<a href=\"https:\/\/cybersecurityventures.com\/cybercrime-to-cost-the-world-8-trillion-annually-in-2023\/\"> recent report<\/a>, cybercrime damages are expected to reach $10.5 trillion annually by 2025. Attacks are more frequent and damaging, thanks partly to the difficulty in establishing a solid security perimeter around a modern enterprise network. With Internet of Things (IoT) device usage on the rise and networks expanding to include remote branch offices and edge data centers, it can be impossible to clearly define the boundaries of a network, let alone effectively defend those boundaries. For example, many organizations use tools like Citrix to enable secure remote access to enterprise resources, but recently, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-critical-citrix-adc-and-gateway-flaw-exploited-as-zero-day\/\">high-risk vulnerabilities<\/a> were discovered in several Citrix gateway products. The very tools we rely on to defend our expanding perimeter may leave us the most exposed to attacks.<\/p>\n<p>The zero trust security methodology was created to address the challenges involved in traditional, perimeter-based defense strategies. This post defines a zero trust security architecture, discusses some of the gaps typically left in such an architecture and provides tips for avoiding these pitfalls.<\/p>\n<table style=\"margin-left: auto; margin-right: auto; width: 492px;\" align=\"center\">\n<tbody>\n<tr>\n<td style=\"width: 482px; text-align: center;\"><b>Table of Contents:<\/b><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 482px;\">\n<ol>\n<li style=\"list-style-type: none;\">\n<ul>\n<li aria-level=\"1\"><a href=\"#1\">What is a zero trust security architecture?<\/a><\/li>\n<li aria-level=\"1\"><a href=\"#2\">Tips for implementing zero trust without gaps<\/a>\n<ul>\n<li aria-level=\"2\"><a href=\"#3\">Reduce human error with centralized orchestration<\/a><\/li>\n<li aria-level=\"2\"><a href=\"#4\">Prioritize incident response and recovery planning<\/a><\/li>\n<li aria-level=\"2\"><a href=\"#5\">Secure the control plane on a dedicated OOB network<\/a><\/li>\n<\/ul>\n<\/li>\n<li aria-level=\"1\"><a href=\"#6\">Build your zero trust security architecture with Nodegrid<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 id=\"1\">What is a zero trust security architecture?<\/h2>\n<p>A zero trust security architecture is designed around the principle of \u201cnever trust, always verify.\u201d Traditional security architectures assume that every user and device should be implicitly trusted as long as they\u2019re inside the organization\u2019s network perimeter. That assumption leaves compromised accounts and malicious insiders free to move laterally around the network, accessing and exfiltrating data or executing ransomware in the process.<\/p>\n<p>On the other hand, a zero trust security architecture assumes that every account and device is already compromised unless trust is continuously established. The zero trust methodology was founded by Forrester analyst <a href=\"https:\/\/www.forrester.com\/blogs\/a-look-back-at-zero-trust-never-trust-always-verify\/\">John Kindervag<\/a> in 2009; the same year, Google\u2019s <a href=\"https:\/\/cloud.google.com\/beyondcorp\">BeyondCorp<\/a> project launched with the sole purpose of defining and developing a zero trust security architecture.<\/p>\n<p>Zero trust uses<a href=\"https:\/\/zpesystems.com\/micro-segmentation-for-zero-trust-networks-zs\/\"> network micro-segmentation<\/a>, advanced authentication, Layer 7 (application-level) threat monitoring, and highly-granular security policies to verify trust and prevent lateral movement. Risk is calculated for each resource on the network, and then micro-perimeters of specific security controls are built around the resource micro-segment. Users and devices must establish trust each time they hit a micro-perimeter no matter how elevated their accounts are or where they\u2019re accessing the network from, making it easier to spot and disable a compromised account. This is how a zero trust architecture limits the blast radius and duration \u2013 and thus the cost \u2013 of cyberattacks.<br \/><span style=\"color: #ffffff;\">.<\/span><\/p>\n<div class=\"blog-table\">\n<table style=\"margin-left: auto; margin-right: auto; width: 884px;\" align=\"center\">\n<tbody>\n<tr style=\"background-color: #214c64 !important; color: white;\">\n<td style=\"border: 2px solid black; width: 872px; text-align: center;\"><strong>Tips for building a zero trust security architecture<\/strong><\/td>\n<\/tr>\n<tr style=\"border: 2px solid black;\">\n<td style=\"border: 2px solid black; width: 872px;\">\n<ul>\n<li aria-level=\"1\"><a href=\"https:\/\/zpesystems.com\/zero-trust-security-model-zs\/\">\u00a0The Ultimate Guide to a Zero Trust Security Model for an Enterprise<\/a><\/li>\n<li aria-level=\"1\"><a href=\"https:\/\/zpesystems.com\/how-to-implement-zero-trust-for-ot-zs\/\">\u00a0How to Implement Zero Trust for OT (Operational Technology)<\/a><\/li>\n<li aria-level=\"1\"><a href=\"https:\/\/zpesystems.com\/what-is-a-zero-trust-gateway-zs\/\">\u00a0What Is a Zero Trust Gateway?<\/a><\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>[\/et_pb_text][et_pb_text _builder_version=&#8221;4.21.2&#8243; _module_preset=&#8221;default&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2 id=\"2\">Tips for implementing zero trust without gaps<\/h2>\n<p>Zero trust is not a single solution to purchase and deploy in your enterprise &#8211; it\u2019s a combination of tools, policies, and proccesses that contribute to a more resilient network. The complexity of a zero trust architecture makes it prone to gaps. For example, manually configuring and managing so many moving parts increases the risk of human error. Additionally, zero trust doesn\u2019t prevent 100% of attacks, but many organizations lack a comprehensive recovery plan. Plus, you can\u2019t have a zero trust environment unless you isolate all administrative interfaces for infrastructure.<\/p>\n<p>During the planning stage of your zero trust security implementation, you should keep the following three questions in mind:<\/p>\n<ol>\n<li aria-level=\"1\">How will you manage so many different policies and solutions?<\/li>\n<li aria-level=\"1\">Do you have tools to aid you in recovering from a successful attack?<\/li>\n<li aria-level=\"1\">How will you protect your control plane from malicious actors on your network?<\/li>\n<\/ol>\n<p>Addressing these challenges with the following best practices will help you build a successful zero trust security architecture.<\/p>\n<h3 id=\"3\">Reduce human error with centralized orchestration<\/h3>\n<p>A zero trust security architecture includes hundreds or thousands of individual security policies and solutions. Configuring and managing this architecture is a monumental task prone to human error, leading to potential vulnerabilities. According to Microsoft, configuration errors cause 80% of ransomware attacks, making human error a major threat to network resilience. The best way to reduce complexity and prevent mistakes is to be able to see and manage all your solutions from one place, with the ability to automate regardless of skill level.<\/p>\n<p>A <a href=\"https:\/\/zpesystems.com\/what-is-security-as-a-service-zs\/\">centralized security orchestration platform<\/a> allows administrators to configure, monitor, deploy, and automation all their zero trust solutions from a single place. The best practice is to use a vendor-neutral platform that integrates with third-party zero trust vendors for identity and access management (IAM), next-generation firewalls (NGFWs), and more. Such a platform allows organizations to build bespoke micro-perimeters using the preferred solutions, regardless of vendor, and still manage the entire architecture from a single pane of glass. Plus, with a holistic view of the security architecture, organizations gain a more accurate perspective on their overall security posture and have the context needed to spot systemic issues or subtle indicators of a breach.<\/p>\n<h3 id=\"4\">Prioritize incident response and recovery planning<\/h3>\n<p>According to a recent report from<a href=\"https:\/\/blog.checkpoint.com\/2023\/01\/05\/38-increase-in-2022-global-cyberattacks\/\"> Check Point Research<\/a>, the global volume of cyberattacks reached an average of 1168 per week per organization in Q4 of 2022. That means there\u2019s no question of \u201cif\u201d a breach will occur, only \u201cwhen\u201d it will happen. It\u2019s essential to consider incident response and recovery when you build your zero trust security architecture to reduce the cost of an attack.<\/p>\n<p>Research from <a href=\"https:\/\/assets.sophos.com\/X24WTUEQ\/at\/4zpw59pnkpxxnhfhgj9bxgj9\/sophos-state-of-ransomware-2022-wp.pdf\">Sophos<\/a> found that 70% of organizations hit by ransomware took longer than two weeks to recover, implying they didn\u2019t have the right recovery architecture in place. Downtime gets more expensive the longer it goes on, so organizations must improve their recovery capabilities. For example, data backups are critical to recovery efforts, so they must be protected by zero trust authentication and policies to prevent compromise or corruption. In addition, backup data, systems, and infrastructure must be validated with security scans before they\u2019re restored to ensure they don\u2019t reinfect the network with malware. Getting business back up and running as soon as possible will decrease the cost of cyberattacks, which means a <a href=\"https:\/\/zpesystems.com\/build-an-isolated-recovery-environment-zs\/\">recovery toolkit<\/a> is an essential component of a zero trust architecture.<\/p>\n<h3 id=\"5\">Secure the control plane on a dedicated OOB network<\/h3>\n<p>The management interfaces used by administrators to control network infrastructure are often excluded from cybersecurity planning because because end users don\u2019t access them. Only admins have usernames and passwords, and they trust their own security hygiene, so they (incorrectly) assume these interfaces are safe. If zero trust policies aren\u2019t applied to the control plane, a compromised administrator account could completely wipe out your infrastructure and gain unfettered access to sensitive data and backups. The <a href=\"https:\/\/zpesystems.com\/the-biggest-ransomware-attack-you-havent-heard-of-yet\/\">blast radius of such an attack<\/a> would be devastating and severely hamper recovery efforts.<\/p>\n<p>A recent <a href=\"https:\/\/www.cisa.gov\/news-events\/directives\/bod-23-02-implementation-guidance-mitigating-risk-internet-exposed-management-interfaces\">CISA directive<\/a> provides guidance for reducing the risk of open management ports. The best practice for a zero trust security architecture is to keep the control plane on a separate,<a href=\"https:\/\/zpesystems.com\/defining-oob-network-and-oob-management\/\"> out-of-band (OOB) network<\/a>. An OOB network uses dedicated infrastructure that\u2019s isolated from the production LAN, preventing lateral movement by attackers. This also allows administrators to perform recovery operations even when ransomware or hardware compromises bring down the production network. In addition, zero trust policies and controls must be applied to the OOB control plane to prevent a compromised administrator account from gaining too much access.<\/p>\n<div class=\"blog-table\">\n<table style=\"margin-left: auto; margin-right: auto; width: 884px;\" align=\"center\">\n<tbody>\n<tr style=\"background-color: #008aab !important; color: white;\">\n<td style=\"border: 2px solid black; width: 872px; text-align: center;\"><strong>Tips for building a zero trust security architecture<\/strong><\/td>\n<\/tr>\n<tr style=\"border: 2px solid black;\">\n<td style=\"border: 2px solid black; width: 872px;\">\n<ul>\n<li>A vendor-neutral security orchestration platform reduces management complexity and mitigates the risk of human error<\/li>\n<li>Integrating a recovery toolkit in the architecture will help limit the cost and business disruption of successful attacks<\/li>\n<li>Keeping the control plane on an OOB network and applying zero trust policies and controls will limit the blast radius of a breach<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>The zero trust methodology asks us to assume that devices and accounts are already compromised, and attackers have breached the network, requiring everyone to continuously prove trustworthiness before accessing enterprise resources. A successful zero trust architecture is unified by a vendor-neutral orchestration platform, prioritizes business resilience and recovery, and secures management interfaces with the same strict policies and controls as the production network.<\/p>\n<h2 id=\"6\">Build your zero trust security architecture with Nodegrid<\/h2>\n<p>Building such an architecture is easier with the Nodegrid solution from <a href=\"https:\/\/zpesystems.com\/\">ZPE Systems<\/a>. Nodegrid is a vendor-neutral <a href=\"https:\/\/zpesystems.com\/why-you-need-an-out-of-band-cybersecurity-platform-zs\/\">security orchestration platform<\/a> that delivers unified control of the entire architecture of zero-trust policies and controls to reduce complexity and mitigate the risk of human error. Nodegrid <a href=\"https:\/\/zpesystems.com\/products\/branch-solutions\/\">branch gateway routers<\/a> and <a href=\"https:\/\/zpesystems.com\/products\/data-center-solutions\/serial-consoles\/nodegrid-serial-console-plus\/\">serial console servers<\/a> provide secure OOB management, so you get an isolated control plane without deploying an entire secondary network. You can even use Nodegrid to build an isolated recovery environment (IRE) to streamline ransomware recovery and reduce the business impact of attacks.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;CTA&#8221; _builder_version=&#8221;4.21.2&#8243; _module_preset=&#8221;default&#8221; text_text_color=&#8221;#FFFFFF&#8221; background_color=&#8221;#358AAF&#8221; custom_margin=&#8221;||||true|false&#8221; custom_padding=&#8221;30px|30px|30px|30px|true|true&#8221; global_colors_info=&#8221;{}&#8221;]<\/p>\n<h2>Learn how Nodegrid delivers unified orchestration and out-of-band management!<\/h2>\n<p><b>Nodegrid delivers unified orchestration and out-of-band management to help you build your zero trust security architecture. <\/b><b>Contact ZPE Systems<\/b><b> today to learn more.<\/b><\/p>\n<p><a class=\"HSSTYLEDCTA\" href=\"https:\/\/zpesystems.com\/contact\/\">Contact Us<\/a><br \/>\n[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This post defines a zero trust security architecture, discusses some of the gaps typically left in such an architecture, and provides tips for avoiding these pitfalls.<\/p>\n","protected":false},"author":5,"featured_media":36903,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","content-type":"","footnotes":""},"categories":[103,156,162,158,97,134],"tags":[],"class_list":["post-36902","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-improve-network-security","category-micro-segmentation","category-secops","category-security-service-edge-sse","category-user-management","category-zero-trust-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.0 (Yoast SEO v26.0) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Zero Trust Security Architecture<\/title>\n<meta name=\"description\" content=\"This post defines a zero trust security architecture and provides guidance on how to build such an architecture while avoiding pitfalls.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zero Trust Security Architecture\" \/>\n<meta property=\"og:description\" content=\"This post defines a zero trust security architecture and provides guidance on how to build such an architecture while avoiding pitfalls.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/\" \/>\n<meta property=\"og:site_name\" content=\"ZPE Systems\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-04T23:04:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-09T15:03:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"538\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jordan Baker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jordan Baker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/\",\"url\":\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/\",\"name\":\"Zero Trust Security Architecture\",\"isPartOf\":{\"@id\":\"https:\/\/zpesystems.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg\",\"datePublished\":\"2023-08-04T23:04:52+00:00\",\"dateModified\":\"2023-08-09T15:03:10+00:00\",\"author\":{\"@id\":\"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567\"},\"description\":\"This post defines a zero trust security architecture and provides guidance on how to build such an architecture while avoiding pitfalls.\",\"breadcrumb\":{\"@id\":\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#primaryimage\",\"url\":\"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg\",\"contentUrl\":\"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg\",\"width\":1000,\"height\":538,\"caption\":\"The words zero trust in a circle with simulated computer architecture as the background.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/zpesystems.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zero Trust Security Architecture\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/zpesystems.com\/#website\",\"url\":\"https:\/\/zpesystems.com\/\",\"name\":\"ZPE Systems\",\"description\":\"Rethink the Way Networks are Built and Managed\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/zpesystems.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567\",\"name\":\"Jordan Baker\",\"url\":\"https:\/\/zpesystems.com\/author\/jordan\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Zero Trust Security Architecture","description":"This post defines a zero trust security architecture and provides guidance on how to build such an architecture while avoiding pitfalls.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/","og_locale":"en_US","og_type":"article","og_title":"Zero Trust Security Architecture","og_description":"This post defines a zero trust security architecture and provides guidance on how to build such an architecture while avoiding pitfalls.","og_url":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/","og_site_name":"ZPE Systems","article_published_time":"2023-08-04T23:04:52+00:00","article_modified_time":"2023-08-09T15:03:10+00:00","og_image":[{"width":1000,"height":538,"url":"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg","type":"image\/jpeg"}],"author":"Jordan Baker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jordan Baker","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/","url":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/","name":"Zero Trust Security Architecture","isPartOf":{"@id":"https:\/\/zpesystems.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#primaryimage"},"image":{"@id":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#primaryimage"},"thumbnailUrl":"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg","datePublished":"2023-08-04T23:04:52+00:00","dateModified":"2023-08-09T15:03:10+00:00","author":{"@id":"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567"},"description":"This post defines a zero trust security architecture and provides guidance on how to build such an architecture while avoiding pitfalls.","breadcrumb":{"@id":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#primaryimage","url":"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg","contentUrl":"https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg","width":1000,"height":538,"caption":"The words zero trust in a circle with simulated computer architecture as the background."},{"@type":"BreadcrumbList","@id":"https:\/\/zpesystems.com\/zero-trust-security-architecture-zs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zpesystems.com\/"},{"@type":"ListItem","position":2,"name":"Zero Trust Security Architecture"}]},{"@type":"WebSite","@id":"https:\/\/zpesystems.com\/#website","url":"https:\/\/zpesystems.com\/","name":"ZPE Systems","description":"Rethink the Way Networks are Built and Managed","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zpesystems.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/zpesystems.com\/#\/schema\/person\/822694040abba23b5253766566cd1567","name":"Jordan Baker","url":"https:\/\/zpesystems.com\/author\/jordan\/"}]}},"rttpg_featured_image_url":{"full":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"landscape":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"portraits":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"thumbnail":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-150x150.jpg",150,150,true],"medium":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-300x161.jpg",300,161,true],"large":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"1536x1536":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"2048x2048":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"et-pb-post-main-image":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-400x250.jpg",400,250,true],"et-pb-post-main-image-fullwidth":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"et-pb-portfolio-image":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-400x284.jpg",400,284,true],"et-pb-portfolio-module-image":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-510x382.jpg",510,382,true],"et-pb-portfolio-image-single":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"et-pb-gallery-module-image-portrait":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-400x516.jpg",400,516,true],"et-pb-post-main-image-fullwidth-large":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"et-pb-image--responsive--desktop":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background.jpg",1000,538,false],"et-pb-image--responsive--tablet":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-980x527.jpg",980,527,true],"et-pb-image--responsive--phone":["https:\/\/zpesystems.com\/wp-content\/uploads\/2023\/08\/The-words-zero-trust-in-a-circle-with-simulated-computer-architecture-as-the-background-480x258.jpg",480,258,true]},"rttpg_author":{"display_name":"Jordan Baker","author_link":"https:\/\/zpesystems.com\/author\/jordan\/"},"rttpg_comment":0,"rttpg_category":"<a href=\"https:\/\/zpesystems.com\/category\/improve-network-security\/\" rel=\"category tag\">Improve Network Security<\/a> <a href=\"https:\/\/zpesystems.com\/category\/micro-segmentation\/\" rel=\"category tag\">Micro-segmentation<\/a> <a href=\"https:\/\/zpesystems.com\/category\/secops\/\" rel=\"category tag\">SecOps<\/a> <a href=\"https:\/\/zpesystems.com\/category\/improve-network-security\/security-service-edge-sse\/\" rel=\"category tag\">Security Service Edge (SSE)<\/a> <a href=\"https:\/\/zpesystems.com\/category\/improve-network-security\/user-management\/\" rel=\"category tag\">User Management<\/a> <a href=\"https:\/\/zpesystems.com\/category\/zero-trust-security\/\" rel=\"category tag\">Zero Trust Security<\/a>","rttpg_excerpt":"This post defines a zero trust security architecture, discusses some of the gaps typically left in such an architecture, and provides tips for avoiding these pitfalls.","_links":{"self":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts\/36902","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/comments?post=36902"}],"version-history":[{"count":11,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts\/36902\/revisions"}],"predecessor-version":[{"id":37202,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/posts\/36902\/revisions\/37202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/media\/36903"}],"wp:attachment":[{"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/media?parent=36902"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/categories?post=36902"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zpesystems.com\/wp-json\/wp\/v2\/tags?post=36902"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}