Zero Trust
Overview
Zero-Trust security: switch from a perimeter-based (firewall and VPN) model of access to a user-to-resource model.
Implement strong, simple identity, both for a person and for a system. Decouple the identity from the corporation: tie it to the user, as a single identity.
Enforce entitlements and authorisation in the network.
This micro-segmentation is simpler to use, more accessible, and more secure. It reduces lateral traversal, it empowers the users, and it increases the audit capability. It's also more economical and more scalable. Everybody wins.
Articles
- That’s the kind of password an idiot uses on luggage: cloud security
Passwords: bits of plain text that end up everywhere in automated systems. etcd: a `secure` way to share secrets. The Internet: a place where everything is guaranteed to end up. This is a toxic brew; read on!
- Security of the upstream code, and, the importance of the egress firewall
Bad code can come in through our own import statements and software process. Do you run an egress firewall to protect the world from yourself?
- Using single-sign-on oauth2 across many sites in Kubernetes
Learn how to safely protect ‘internal’ or ‘development’ resources while having them on the public Internet. Simply.