NIST Zero Trust Architecture (NIST SP 800-207) is a framework focused on data protection. It assumes threats can originate from either inside or outside a network. Instead of building security on the perimeter of the network, ZTA focuses on protecting resources and data within the network at the time of access. All networks, regardless of how much authentication is used to gain access, are not trusted and are presumed to be potentially compromised. As a result, the focus shifts to managing the risks presented with user access and the data that requires protection.
NextLabs addresses ZTA requirements by taking a data-centric approach, assuming all systems and networks being used to access that data could be compromised. Attributes of users, data networks, and the environment are evaluated at runtime against the values defined in the data access policy. In doing this, potential risks are continuously tested and evaluated, preventing access to the protected data or resources if all conditions are not. NextLabs combines dynamic access authorization, fine-grained access controls, and evaluation of user and device attributes to protect data at rest or on the move. This enables compliance with NIST 800-53 Rev. 4, AC-2(6), Dynamic Privilege Management and Least Privilege, along with NIST 800-53 Rev. 4, AC-3(9), Controlled Release.
The NextLabs platform enhances organization’s security postures and compliance readiness by providing the following benefits:
Protecting sensitive data
Leverage data-centric access management system to secure access and protect data across business-critical applications whether the data is at rest or on the move.
Define, Manage, enforce, and audit access policies to sensitive corporate data to ensure compliance with regulations such as GDPR, HIPPA, ITAR, EAR, and SOX, to avoid data spills or contamination.
Reducing security and compliance management costs
Automate the process of auditing authorization and data access to demonstrate compliance to auditors, regulators, and customers.
Improving business agility
Reduce the amount of application development time and automated change management processes, allowing for enhanced business agility.
To read more about how NextLabs employs a data-centric approach that aligns with the requirements of ZTA, please read our White Paper.
For more general information on NextLabs and Zero Trust, check out the following resources: