Steps to Implement ‘Zero Trust’

The first step for health care organizations that want to implement zero trust is to identify which applications and users to protect, and to take a one-app-at-a-time approach, explained Den Jones, chief security officer at San Francisco-based zero trust access solution firm Banyan Security.

“Zero trust implementations result in something we call user-to-application segmentation, which simply means we’re pairing specific users to specific applications,” Jones said. “So when zero trust is done right, you can deploy it incrementally rather than having to perform a gigantic rip-and-replace of your legacy VPN [virtual private network], for example. That way, you reduce risk and assure yourself that the new system is working before removing access to any old systems. Once you have success applying zero trust to one application, you can then identify your next one, and so on,” he explained.

This document is only available to subscribers. Please log in or purchase access.


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field