What are the biggest challenges posed by building Zero trust architecture?

The Zero Trust model has a couple variations in my company. One is access: What level and what type of access do you have? And the other part is: What data is actually being shared or accessed within these systems? We had a bot that we used to limit access to specific protected health information (PHI data) but it became a problem. We envisioned setting a limited number of bots to perform certain operations, but now we have a list of tasks and each one creates a new bot. At the time we felt it was a good model because it was controlled and defined by policy. That’s not the case anymore because there's a gap in how these permissions are being assigned to the bots and there are too many bots.

Anonymous Author
The Zero Trust model has a couple variations in my company. One is access: What level and what type of access do you have? And the other part is: What data is actually being shared or accessed within these systems? We had a bot that we used to limit access to specific protected health information (PHI data) but it became a problem. We envisioned setting a limited number of bots to perform certain operations, but now we have a list of tasks and each one creates a new bot. At the time we felt it was a good model because it was controlled and defined by policy. That’s not the case anymore because there's a gap in how these permissions are being assigned to the bots and there are too many bots.
1 upvotes
Anonymous Author
In The Pentagon's Brain by Annie Jacobsen, the author's premise is that our struggle with Zero Trust stems from the original intent of the internet, which was trust between government agencies and colleges to share data. We've never walked away from that. Now, instead of that gap being based on a place of trust to share information, it's a place of trust to ensure usability. We place user experience over secure design, but those two have to coordinate. They have to intersect now, it can't be one versus the other.
0 upvotes