Cloudy with a Chance of Zero Trust

Greg Thomas
HashiCorp Solutions Engineering Blog
Mar 22, 2022


How to Secure Identity and Credential Access Management (ICAM) in a Multi-Cloud Environment with a Zero Trust Network Architecture (ZTNA)

The US Government/Biden administration issued Executive Order 14028 on Improving the Nation’s Cybersecurity, prompting companies and developers to rethink how they secure their applications and infrastructure.

The Federal Government’s cybersecurity recommendations involve applying the fundamental principles of Zero Trust and prioritizing adoption and use of cloud technology, where applicable. The Zero Trust security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.

This article examines how the world’s largest and most secure organizations solve for “ICAM” as described by the National Institute of Standards and Technology (NIST). I have the privilege of working with and leading a team in NIST’s Zero-Trust Multi-Cloud Working Group. I am writing this short blog to provoke thoughtful discussions around ICAM in a multi-cloud Zero Trust Network Architecture (ZTNA) context.

Universal Principles of Zero Trust
