The National Institute of Standards and Technology has released guidance on implementing a zero trust architecture model to protect enterprise applications in multiple cloud and on-premises environments.
Special Publication 800-207A outlines measures and guidelines for securing cloud-based applications by deploying a ZTA to enable safe access to resources located on-premises or in the cloud, NIST said Wednesday.
The guidance recommends that organizations formulate both network-tier and identity-tier ZTA policies and configure technology components to enable the deployment of different policies.
Organizations must also develop a comprehensive monitoring framework covering various tasks and use telemetry data to fine-tune access rights and enforce step-up authentication.
ZTA aims to protect enterprise data and resources by requiring secure authorization of users for accessing cloud-native resources.
