What are the most effective Zero Trust technologies in the market today?

I'm working with a certain company on a next generation SOCKS service and what that should look like with the fewest tools possible. We're beating our heads together trying to figure it out and it has a lot to do with visibility. They call it zero trust but they're trying to come up with the next generation SOCKS and want to be able to just drop it into somebody's network, no matter the size, and protect everybody because they're tired of seeing all these breaches, even if you have a SOCKS as a service.

Anonymous Author
I'm working with a certain company on a next generation SOCKS service and what that should look like with the fewest tools possible. We're beating our heads together trying to figure it out and it has a lot to do with visibility. They call it zero trust but they're trying to come up with the next generation SOCKS and want to be able to just drop it into somebody's network, no matter the size, and protect everybody because they're tired of seeing all these breaches, even if you have a SOCKS as a service.
1 upvotes
Anonymous Author
One way many of us are likely to deploy zero trust is with our deployments of MS Office and Exchange 365 with Security E5 level.  Depending on licensing, if you use the more advanced security features then you get “dynamic authentication”.  For example, if I'm on my network, in my usual office, on a company-owned PC, then it knows the user, location and device. It will simply ask me for my username and password. But if I'm on my personal laptop at a Starbucks, then it's going to ask me for multi-factor authentication and buzz my phone for approval. Maybe it will ask for more information, and perhaps limit my access to certain resources. Maybe I can access the open internet like a vendor, but I can't access the transactional system because it knows who I am, and I seem to have the right information and I've even answered the second factor properly, but it's uncertain about where I'm located or what machine I'm on. And it also recognizes impossible logins— like if I log on in San Francisco at 10am and remain active, but then at 11am suddenly it looks like I'm located in New York City.  That's an “impossible situation”, so those smarts and geolocation have to be built in to block access at that point. That's what Zero Trust is about, and the Microsoft Office suite actually does quite a bit of that. There are a number of other technologies out there that do the same, but Microsoft Office is the one that most of us in various different industries are most likely to touch and may already be using.
1 upvotes