Zero-trust Network Approach Execution

With ISG’s help, a large insurance company implements an approach to align its network design with a zero-trust network architecture methodology.

Opportunity

Zero-trust network architecture is an approach in enterprise network architecture design in which all communications, regardless of their source (internal or external), must be authenticated and specifically allowed. 
One of the prevalent technologies that aligns the network architecture with zero-trust network methodology is micro-segmentation.  
Micro-segmentation, a trendy project within the security domain, ring-fences each application separately, as opposed to the traditional model of ring-fencing a set of applications. As a result of this design, the risk of lateral movement attacks is reduced dramatically.
Imagining IT Differently

ISG helped to create and implement a strategic roadmap, including the identification of crown jewel applications. This was accomplished by reviewing the business impact analysis (BIA) and privacy impact analysis (PIA) reports and performing a risk analysis to prioritize applications.
ISG also provided a plan for effective rollout of the technology and delivered the project deliverables on time and within budget. We established an effective relationship with application owners by presenting the project business case and controlled enhancement through increased visibility over each application’s communications.

Future Made Possible

The company received a comprehensive solution that covers all of the organization's applications. ISG also provided the operation and service delivery key performance indicator (KPI) design.
After executing this approach, the company is able to apply more granular controls by imposing other types of segmentation, such as nano-segmentation focusing on process- and user-level authentication. This project brought all applications to the final mode of micro-segmentation operation, which is now the enforced mode. The approach also covers applications hosted in containers.
Following project success, the company is ready to implement a group HR-based access role model, ensuring compliance with separation of duty (SOD) and security standards.