Zero Trust
Last updated March 7th, 2025
Zero Trust is a security strategy that aims to minimize implicit trust in entities that handle enterprise data. Entities, such as users and endpoints [1], need to continuously prove their trustworthiness to the enterprise to be allowed access to resources [2].
Defining Zero Trust
NIST’s Special Publication 800-207 on Zero Trust Architecture defines a core Zero Trust tenet as follows:
“Access to resources is determined by dynamic policy—including the observable state of client identity, application/service, and the requesting asset—and may include other behavioral and environmental attributes.”
In other words, a key principle of Zero Trust architecture is that an enterprise must regulate access to its resources by continuously evaluating user and device identity, device health, and other contextual information such as location and frequency of access. In simpler terms, just because a device is authenticated within the enterprise VPN, it doesn’t mean that the device should be trusted automatically.
This approach (as described in the following diagram) allows dynamic access control, in contrast to traditional perimeter-based approaches such as VPNs, where any entity within the enterprise’s VPN perimeter is implicitly trusted in full to handle enterprise data.
For each resource request, the device evaluates its health and user identity, and gathers other context. The device then sends this information to a Policy Decision and Enforcement Point, which decides whether to allow the device access to the requested enterprise resource. If access is allowed, the requested resource is sent back to the device.
With a traditional perimeter-based security strategy, if an attacker compromises a single device or user credential, they can easily breach the entire enterprise network. With a Zero Trust strategy, access is granted dynamically (at time of request), which dramatically reduces the impact of a compromised endpoint or credential.
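The per-request decision flow described above, as an added example that is not Knox code: a toy Policy Decision Point in Python that evaluates user identity, device health, location and frequency of access on every request, beside the perimeter rule it replaces. Class and field names (RequestContext, ZeroTrustPDP, device_healthy) are assumptions made for the example.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class RequestContext:
    """Context an endpoint sends with each resource request (field names assumed)."""
    user: str
    user_authenticated: bool   # identity proven for this request (e.g. fresh MFA)
    device_id: str
    device_healthy: bool       # device health / attestation check passed
    location: str              # e.g. country code gathered by the device
    resource: str
    timestamp: float           # seconds


def perimeter_decide(inside_vpn: bool) -> tuple:
    """Traditional model: once inside the VPN perimeter, every request is trusted."""
    return ("allow", "inside perimeter") if inside_vpn else ("deny", "outside perimeter")


class ZeroTrustPDP:
    """Policy Decision Point: dynamic policy is evaluated per request, not per session."""

    def __init__(self, allowed_locations, max_requests_per_minute: int):
        self.allowed_locations = set(allowed_locations)
        self.max_per_minute = max_requests_per_minute
        self._history = defaultdict(list)  # device_id -> recent request timestamps

    def decide(self, ctx: RequestContext) -> tuple:
        if not ctx.user_authenticated:
            return ("deny", "user identity not proven for this request")
        if not ctx.device_healthy:
            return ("deny", "device health check failed")
        if ctx.location not in self.allowed_locations:
            return ("deny", f"location {ctx.location} not permitted")
        # Frequency of access: count only this device's requests in the last 60 s
        recent = [t for t in self._history[ctx.device_id] if ctx.timestamp - t < 60]
        if len(recent) >= self.max_per_minute:
            return ("deny", "request rate exceeds policy")
        self._history[ctx.device_id] = recent + [ctx.timestamp]
        return ("allow", f"dynamic checks passed for {ctx.resource}")


if __name__ == "__main__":
    pdp = ZeroTrustPDP(allowed_locations={"US", "KR"}, max_requests_per_minute=3)
    healthy = RequestContext("alice", True, "dev-1", True, "US", "hr-portal", 1000.0)
    unhealthy = RequestContext("alice", True, "dev-1", False, "US", "hr-portal", 1001.0)
    # Perimeter model allows both; the PDP denies the unhealthy device on its next request
    print(perimeter_decide(True), pdp.decide(healthy), pdp.decide(unhealthy))
```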
Zero Trust with Samsung Knox devices
Zero Trust security principles are designed into the architecture of all Samsung Knox devices, allowing organizations to leverage Samsung devices as secure and reliable entry points into any network. When Samsung Knox devices are utilized as endpoints in an enterprise, they can:
- Continuously monitor and authenticate user and device context by connecting the Knox Asset Intelligence Security Center to your organization’s Security Operations Center (SOC).
- Send augmented network requests through our Knox Zero Trust Network Access (ZTNA) framework. These requests carry user and device context metadata that the Policy Decision and Enforcement Point uses to decide whether to allow or deny access to enterprise resources.
Enterprises often deploy multiple security solutions across various teams, creating complexity and requiring specially trained security professionals to manage threats across different device platforms. Samsung Knox aims to eliminate the complexity associated with enterprise mobile device management. Whether it’s through our robust in-house endpoint management solutions, or our continued collaboration with industry-leading security solution providers, Samsung Knox is leading the charge towards a more secure future for all customers.
[1] Endpoints are user-facing devices that request access to enterprise resources. Endpoints include laptops, desktops, mobile phones, and tablets. In this white paper, we use the terms “device” and “endpoint” interchangeably.
[2] Enterprise resources include enterprise data, apps, and services such as printers.