'Zero network trust' should mean exactly what it says

At the recent Forrester Security Conference in Boston I was pleased to see Forrester Analyst John Kindervag presenting on Optimizing Security Architectures And Technologies; No More Chewy Centers: The Zero-Trust Model Of Information Security. Even better, he went on to espouse purist Jericho Forum thinking about the breakdown of the corporate perimeter and the 'soft chewy centre' that we've been talking about since 2002.

From there he went on to explain how you fix the problem - by building security back into parts of the network - and I thought 'fantastic, he's going to do an exposé of why this approach is fundamentally flawed and why, when the Jericho Forum looked at it over five years ago, we rejected it'. 

My heart sank as I realised he was seriously proposing this as a viable solution.

Adding security into choke points in the network to control traffic is fundamentally flawed. It inhibits collaboration and does not scale for corporate-wide management. More fundamentally, it adds cost and huge complexity to a problem that is better solved by simply using open and secure protocols (95 percent of which are readily available today).

I was going to quote which of the eleven Jericho Forum Commandments John is breaking in his proposal, but when I looked it was all of them. Enough said!

Paul Simmonds, Jericho Forum Board Member
