Can “Zero Trust” prevent data breaches?

As the Pentagon vacillates from posting classified documents to Discord group chats, Army officials say the continued shift to Zero Trust networks will help prevent insider leaks.

“All you have to do is look at the latest news. I can understand why implementing this concept of Zero Trust is so important because Zero Trust improves your security posture. Not only that, but we’re already starting to see it dramatically improve the user experience,” General John Morrison, the U.S. Army’s deputy chief of staff for cyber, told reporters on Monday.

Like other departments of the Department of Defense, the Army will have until 2027 to convert its network to a Zero Trust architecture. A Zero Trust architecture continuously ensures that no one is accessing data that shouldn’t be.

This year, Army leaders will create a cohesive, integrated network that is “built on zero trust principles” and allows for more standardized and centralized management of connected computers, phones and tablets. It says it is “accelerating” its efforts.

“What we can do with it is give us a holistic view of the network, end-to-end.

But how could any of these prevent, say, a National Guard IT specialist from leaking classified military documents?

The key is to better track individual access to specific networks and materials, all the way down to the device.

When asked about the recent Pentagon information leak, Army Acting Chief Information Officer David Markowitz did not comment on the lawsuit against 21-year-old Jack Douglas Teixeira. said it was tracking lessons from

“We want to have absolute control over who can see what information … make sure it’s updated in real time,” said Marco, who is also the Army’s chief data and analytics officer. Witts said. “And if the information is accessed, we can understand who viewed it, so it is not leaked or redistributed without control.”

To prevent leaks with Zero Trust, Markowitz said, it’s important that information “comes from known and trusted sources, and you have some form of control over who can access it.”

The Army, like the rest of the Department of Defense, is betting big on Zero Trust. This includes mapping network access and all devices and users that connect to it. Morrison said doing so would help “set the conditions for a broader network implementation focused on modernization,” especially for mission-related ones.

Plans also plan to allow users to “go anywhere in the military squad”. [Department of Defense] According to Morrison, as part of the identity and access management update, you can log into your information network and do business right away.

The Army is looking to update its technology to improve the user experience. The service is piloting an initiative with 22,000 service members and is bringing its own approved device and virtualized desktop services. These services are delivered remotely, on personal devices and even on his DODIN, so there is no need to replace hardware immediately. It costs us a lot,” Morrison said, adding that these efforts are part of a shift to increasing productivity in a safe way.

Markowitz said Zero Trust could also improve the user experience and is part of the Army’s modernization plan.

For example, military personnel at remote reserve stations for training and mobilization use previously protected personal devices to “connect directly to trusted sources for mobilization, receive orders, and receive information.” can be updated. [common operating picture] about what might unfold,” he said. The data travels via what’s called an encrypted “colorless transport” to a virtual environment where “it can be retrieved, but disappears when the machine is powered off.” The information does not reside on the device so that you can.

In addition, the timestamps of when users log on and off, and what they access are “cataloged,” so data is controlled at distribution points instead of moving from machine to machine. You can, which means you won’t be able to keep track of your workers.”

According to Markowitz, security and usability are facilitated by managing identities for access, properly tagging data, matching individuals with appropriate privileges, and encryption.

Together, he said: That’s the vision. ”