FINAL WORD

As organisations attempt to carry out broad network transformations , moving to a Zero Trust architecture is a critical initial step . Mohit Bijlani , Head of UK / IRE at Cloudflare , tells Intelligent CIO Europe ’ s Mrigaya Dham about how Cloudflare ’ s approach differs from other vendors and the most significant risks it helps to mitigate .

Before discussing Zero Trust , we need to understand how traditional IT security paradigms operate or have operated . With the right traditional IP security models applied – what we recognise as the castle and moat concept – means the network perimeter is considered a relatively safe zone or the ‘ castle ’. Security controls were mainly applied to actors trying to gain access to resources and applications that resided within that network perimeter from the outside . In this case , those who were a part of the organisation within that network perimeter were trusted implicitly and given free rein along with access to almost everything .

In contrast , Zero Trust security architecture implies you should trust no one and nothing implicitly – regardless of where actors are accessing applications or resources from and agnostic of where those resources or applications reside . It is important to understand that this is a common fallacy . People think that Zero Trust is a single product or piece of technology but that is not the case . Instead , it is a framework that comprises several different security principles and technologies with a Zero Trust network access , or zip DNA as it is commonly referred to , being the driving principle . The market invariably uses these two interchangeably .

How does Cloudflare ’ s approach to providing Zero Trust security differ from other vendors in the market ?

Firstly , a vendor landscape is typically two buckets – either vendors such as hardware appliance-based vendors , right point solution vendors , such as makers

84 INTELLIGENTCIO EUROPE www . intelligentcio . com