Zero Trust Architecture

Designing a simpler and more secure architecture without impeding operations or compromising security

Criterion’s approach to a Zero Trust model supports the principle “never trust and always verify access” while ensuring user-access control. It reduces component access to data by leveraging network sensor platforms and network segmentation, constrains lateral network movement by implementing security devices, enhances threat/vulnerability prevention, and implements security protection strategies.

Our Approach

Criterion’s Zero Trust approach assumes that an attacker is ever-present within an environment. Therefore, we develop an enterprise reference architecture that is based on drastically reducing the size of implicit trust zones while adding granular access rules and opportunities to enforce these rules. This is achieved by expanding the number of policy decision and enforcement points across key areas of the defense-in-depth model and leveraging both new and existing cyber capabilities to challenge subject and data movement. This approach will more effectively mitigate the risk of successful data breaches and limit internal lateral movement as a result of internal compromise. It is also effective across any type of system boundary, whether it is on-premises, hybrid, or native cloud.

Criterion delivers a Zero Trust approach that:

  • Re-prioritizes and integrates existing capabilities and resources
  • Takes advantage of investments already made to enhance Zero Trust architecture without spending a substantial amount of money on new technology
  • Improves organizational security posture
  • Enhances threat/vulnerability prevention
  • Reduces authorization uncertainties
  • Ensures user-access control
  • Provides more effective incident response

Getting Started

In accordance with NIST SP 800-207, Criterion offers a four-step approach for organizations to get started with Zero Trust.

Strategy

Decision made to adopt Zero Trust as a core strategy.

Architecture & Plan

Generated based on detailed knowledge of the organization’s assets, subjects, data flows, and workflows.

Vision

Plan includes a vision that identifies a target end state, including a best-fit approach per element that reinforces organization-specific mission objectives.

Execution Strategy

Includes policy updates, governance body spin-up or change in operations, hiring, end-user and system administrator training, procurement, reallocation of resources, etc.
