The National Institute of Standards and Technology has released draft guidelines for implementing a âzero-trustâ architecture for government networks in line with existing cybersecurity requirements. Zero-trust architecture is mostly focused on data protection but can also be applied to functionalities atÂ an enterprise level.
According to NIST, ZTA can support agenciesâ information technologyÂ modernization operations including cloud migration and continuous diagnostics and mitigation.Â A ZTA-based enterprise environment also warrants constantÂ risk assessments as though hostile elements are already in place within a network.
âOrganizations need to implement effective information security and resiliency practices for zero trust to be effective,âÂ the document stated. âWhen complemented with existing cybersecurity policies and guidance, identity and access management, continuous monitoring, and general cybersecurity, ZTA can reinforce an organizationâs security posture using a managed risk approach and protect against common threats.â
NIST will accept feedback on the guidelines through Nov. 22.