What Is Content-defined Zero Trust?

Summary

Watch this video to learn how a content-defined zero-trust approach enables organizations to protect their sensitive content communications from cyber and compliance risks.

In a zero-trust security approach, no device, user, or agent is implicitly trusted with access to system resources. A content-defined zero-trust approach extends this model to the content layer versus just the network and application layers. Content-defined zero trust involves several key elements.

First, identity and access management (IAM) to content employs a strong authentication and authorization process focused on controlling access to the content itself. Multi-factor authentication must be applied to ensure multiple forms of authentication are used to confirm the identity of users attempting to access the content. Second, content segmentation is required, where data is divided into smaller segments based on sensitivity and use, and strict access controls are implemented between them. Third, the principle of least privilege is applied, where users are granted the minimum level of access to content segments required to perform their job duties. In the least privilege principle, all users, devices, and applications are untrusted by default, and least privileged access is enforced. Access control must be leveraged to ensure strict control on who and what can access sensitive content; this includes user access permissions by individual content assets or asset groups. Fourth, continuous monitoring is required on content and content segments to detect and respond to potential threats in real time.

Organizations can better protect their sensitive data with governance tracking and controls using a content-defined zero-trust strategy. The Kiteworks Private Content Network ensures a comprehensive content-defined zero-trust strategy in protecting your sensitive content communications—email, file sharing, managed file transfer, and web forms.