Andy Smith Discusses Zero Trust Privilege in the Modern Threatscape

Inner Circle Podcast Episode 017

Who can you trust? More importantly, how far should that trust extend? Andy Smith, VP of Product Marketing for Centrify, joins me on this episode of the Inner Circle podcast to talk about zero trust privilege. We talk about the reality of the threat landscape and the fact that attackers generally log in with compromised or stolen credentials. From a traditional authentication perspective, the attacker appears as “legitimate”, and–without additional protection–would have free reign to any assets or data the actual owner of the compromised or stolen credentials has access to.

Zero trust security–or zero trust privilege–takes authentication to the next level. It is a combination of the concept of least privilege access and user behavior analysis to consistently monitor activity and verify the credentials of the individual as the individual (or credentialed service or API) moves about the network and accesses different resources.

It’s crucial for organizations to understand that whether an attack is external or internal, it is most likely going to be executed with verified access using legitimate network credentials. Zero trust privilege raises the bar from standard authentication, or even two-factor authentication or least privilege access to provide stronger access management to guard against these attacks.

Tony Bradley: I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Threads, Facebook, Instagram and LinkedIn.
Related Post