Verify, but Never Trust?
Much is being written lately about so-called "Zero Trust Model" security, which prompts me to ask, "Since when did we security folk trust anyone?" On the NIST site, you'll find a thorough report NIS...
Published Mar 19, 2014
Version 1.0
BAMcHenry
Ret. Employee
Joined March 13, 2008
BAMcHenry
Mar 20, 2014
Ret. Employee
amolari, great comment. My article above is focusing on the data path, certainly. But the management plane is an equally important consideration in a "Zero Trust Model" for security. Despite the catchy term, Zero Trust doesn't mean that no one gets trusted. It would be pretty hard to get much done if we didn't allow access to data or the systems that managed the data path. What Zero Trust really means is that we must put controls in place at every level to ensure the *appropriate* level of trust/access for each individual user. Even if you lock an F5 admin into tmsh-only (via Appliance Mode), you still are assigning an enormous amount of trust, just not quite so much as root-level access.
Many organizations are employing stricter and well-instrumented access controls to the management plane of the IT infrastructure, just as they would and do apply to their critical customer-facing web applications.