Offering the flexibility of online education and support for military students.
Every day, talented individuals are proving it's never too late to think about the future.
Learn more about becoming an international student at US-based and accredited Kaplan University.
Learn about transferring your previously earned college credits to Kaplan University.
We have partnered with many employers and educational institutions to provide their employees and students with education opportunities.
Corporate and Academic Partners
Kaplan University is dedicated to the support, engagement, and involvement of our graduates.
Resources for current Kaplan University students.
We have 15 ground locations across the country. Explore our locations to see if we're in your neighborhood.
Learning Center Experience
By Ahmed Banafa, FacultySchool
of Business and Information Technology, October 2014
Zero Trust Model of information security simplifies how
information security is conceptualized by assuming there are no longer
“trusted” interfaces, applications, traffic, networks, or users. It takes the
old model—“trust but verify”—and inverts it, because recent breaches have
proven that when an organization trusts, it doesn’t verify. (Forrester)
This model was initially developed
by John Kindervag of Forrester Research and popularized as a necessary
evolution of traditional overlay security models. It requires that the
following rules be followed:
The zero trust model has three key
According to a Forrester Research report,
information security professionals should readjust some widely held views on
how to combat cyber risks. Security professionals emphasize strengthening the
network perimeter, the report states, but evolving threats—such as increasing
misuse of employee passwords and targeted attacks—mean executives need to start
buffering internal networks. In the zero trust security model, companies should
also analyze employee access and internal network traffic. One major recommendation of the Forrester report is for companies
to grant minimal employee access privileges. It also emphasizes the importance
of log analysis; another recommendation
is for increased use of tools that inspect the actual content, or data
“packets,” of internal traffic.
Teams within enterprises, with and without the
support of information technology management, are embracing new technologies in
the constant quest to improve business and personal effectiveness and efficiency.
These technologies include virtualization; cloud computing; converged data,
voice, and video networks; Web 2.0 applications; social networking; smartphones;
and tablets. In addition, the percentage of remote and mobile workers in
organizations continues to increase and reduce the value of physical perimeter
primary vector of attackers has shifted from “outside-in” to “inside-out.”
Formerly, the primary attack vector was to directly penetrate the enterprise at
the network level through open ports and to exploit operating system
vulnerabilities. We call this attack methodology “outside-in.” In “inside-out” attacks,
the user inside the “protected” network reaching out to an external website can
be just as vulnerable as the user accessing the Internet from home.
Some organizations use virtual local area networks (VLANs) to segment their network, but
VLANs simply isolate network traffic—they are unable to enforce the control of
privileged information. In addition, by itself, a VLAN cannot inspect your
traffic for threats. True zero trust network segmentation requires an
enterprise security platform that understands your applications, users, and
Just remember: the zero trust model of information
security means “verify and never trust.”
The views expressed in this article are solely those of the author(s) and do not represent the views of Kaplan University.
We encourage you to share this article if you learned anything (#TIL) or found this useful information.
If you are considering an IT degree we invite you to find out more about the School of Business and Information Technology and explore our undergraduate and graduate degree offerings.
Interested in other IT career insights? We invite you to take a look at our Career Moves site, which periodically publishes new articles and other content on this subject.
KU Facebook Page
KU Twitter Page
KU YouTube Channel
KU Google+ Page
KU LinkedIn Page
KU Pinterest Page
KU Instagram Page
Registered User Login
Student Consumer Information
LEARNING AT KAPLAN UNIVERSITY