Governance & Risk Management , Zero Trust
Zero Trust: Two Models for Implementation
LafargeHolcim's Manish Dave on Building a FrameworkManish Dave, head of IT security and compliance at LafargeHolcim, a multinational company that manufactures building materials, describes two ways to implement the "zero trust" model: User-to-application and workload-to-workload segmentation.
See Also: Cloud Security and Developers: Role of Zero Standing Privilege
"User-to-application is very simple. It depends on what is the kind of authentication you want to build and what is the kind of verification you want to do," Dave says. To use the workload-to-workload approach, he adds, "once a user sends a request, and you have identified and verified, there will be multiple servers which will try to connect to other servers. That journey of the request needs to be seamless."
In a video interview with Information Security Media Group, Dave also discusses:
- Why enterprises begin with implementing zero trust framework from network;
- How to build a zero trust framework from various components;
- Tools to leverage when shifting to the zero trust model.
Dave is head of IT security and compliance at LafargeHolcim. He has more than 30 years of experience in infrastructure and operations, networks, and data center management. Dave has spent more than 16 years working in information security and has implemented international security standards and frameworks.