COVID-19 , Encryption & Key Management , Governance & Risk Management

A Working Model for a 'Zero Trust' Security Architecture

Panel of Experts Offers Implementation Insights
From left: Brijesh Datta of Reliance Jio, Charanjit Singh Sodhi of Nomura Wholesale and Sridhar Sidhu of Wells Fargo

Implementing a "zero trust" architecture for the remote workforce during the COVID-19 pandemic requires secure authentication methods, a role-based access strategy and encryption standards based on micro-segmentation, according to a panel of security experts.

See Also: Live Webinar | App Defined, Autonomous and Delivered from the Cloud

"An effective 'zero trust' strategy needs to deploy a central identity management strategy ... and context-based authentication to allow APIs to talk to each other securely," Brijesh Datta, executive vice president and CISO at Reliance Jio, said in a video panel discussion. The panel was part of Information Security Media Group's recent Cybersecurity Virtual Summit India: "Zero Trust."

Charanjit Singh Sodhi, executive director and head of IAM at Nomura Wholesale, says another essential element is a role-based access control mechanism. "A very regular reconciliation of the access control process along with the self-recertification and manager recertification process automated in real time for secure user access in a 'zero-trust' model is helpful," he said.

Sridhar Sidhu, senior vice president and head of the enterprise security services group at Wells Fargo, added: "One of the key tenets of a 'zero trust' framework is to assess the risk exposure of the organization, which starts with privileged access."

In this video panel discussion, the three experts address:

  • Taking an identity-centric approach to "zero trust";
  • How CASB and Web DLP technologies help manage risk;
  • Using artificial intelligence and machine learning to help track user access.

As the executive vice president and CISO at Reliance Jio, Datta manages security for all the company's vertical markets. Datta has more than 25 years of experience in telecommunications, IT, and information security. He was a former army officer who was instrumental in defining cybersecurity practices for the Indian Army in the late 1990s.

Sodhi is the executive director and the head of identity and access management at Nomura Wholesale. He served as an officer in the Indian Navy, where he was awarded the Chief of Naval Staff Gold Medal and the Sword of Honor. After that, he has worked at SecureSynergy, Fidelity, Airtel and JPMorgan Chase.

Sidhu leads the enterprise information security services function at Wells Fargo Enterprise Global Services - India. He holds certifications in IT risk management and IT governance matters.


About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Nandikotkur is an award-winning journalist with over 20 years' experience in newspapers, audio-visual media, magazines and research. She has an understanding of technology and business journalism, and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a Group Editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.