I really appreciate how IBM promotes the knowledge across the world. YT channel is brilliant and content always very consistent and informative. I do believe that IBMs performance has an outstanding positive social impact, which affects on increase of technology awareness among people. More knowledge and understanding of modern IT infrastructure make our life easier and safer. Generally, the knowledge affects people take decisions more wisely. From my humble point of view IBM fulfill that concept remarkably. It is a pleasure to be here. Keep fingers for your goals.
You might like to know, the idea of Zero trust originated in the OSSTMM, and was created WAYYYY before "zero trust" was coined. might want to look into the original.
Well said... now this is a good trust practice....it irks some of us when the latest buzzword drives every vendor to run around town only parroting the said buzzword
Wow great, I know a story BTW which Zero-Trust could've helped. A famous core-banking-systems company where the Qa member asks the IT member "They're friends" to give them credentials for a production payment System to do " QA "... Soon later "after several months" a Bank customer comes in and complains about 50k disappeared suddenly from his account... And turned out to be: it was the QA member :).. And it wasn't that customer alone
I think what would make this video more useful is explaining what was “before” zero trust. No one trusted Helen before, so what’s new? Everything explained here is something that was practiced since computers were invented for the most part. Informative for those who aren’t familiar with security best practices, not so much for those who want to know if this is actually something new or another buzz word.
He did mention perimeter security and also indicated the human element of trusting by association. These elements make perimeter based security to borrow his word primitive
Most security products and strategies are not new or advanced. This includes the ‘Zero Trust’ strategy, regardless of how frequently vendors mention it. Authentication being used behind the firewall and on the internal devices of a network has been used for decades.
Would be nice to talk about service meshes, both the data plane and the control plane. Service meshes claim to promote zero trust networks as all access have to come through a sidecar app. The service mesh product consol claims to have the ability to link data centers. I believe this would be of great value to some one like IBM Cloud. Majority of companies will have their sites on amazon or microsoft. Service meshes have the ability for ibm to snag customers, particular customers who could use mainframe type operations. My son and daughter started a high tech health company. They were chosen to a incibatory project. As a result they were given cloud credits on google, amazon and microsoft. The engineers want microsoft, marketing wants amazon. Seems service meshes are a great way for startups to start out with.
For us true geeks it's a strategy that proved unreliable. It doesn't take a off point Snowden film to prove it either. If your staff can't learn enough to cancel Helens access on the way out the door your company is fffffed from the first time booz sends you a employee making 285k a year
1. Verify explicitly
2. Provide least privilege necessary to get job done
3. Assume breach at every step
I really appreciate how IBM promotes the knowledge across the world. YT channel is brilliant and content always very consistent and informative. I do believe that IBMs performance has an outstanding positive social impact, which affects on increase of technology awareness among people. More knowledge and understanding of modern IT infrastructure make our life easier and safer. Generally, the knowledge affects people take decisions more wisely. From my humble point of view IBM fulfill that concept remarkably. It is a pleasure to be here. Keep fingers for your goals.
Thank you for the lovely feedback, Markus! It makes us really happy to hear this! 🙏
Really appreciate the clarity and brevity provided in this video. Clicked well
This channel is great in terms of explaining things
Great job. IBM hold those principals close to the heart. Go IBM Security thanks for the video.
You might like to know, the idea of Zero trust originated in the OSSTMM, and was created WAYYYY before "zero trust" was coined. might want to look into the original.
That was very informative, thanks IBM!
Well said... now this is a good trust practice....it irks some of us when the latest buzzword drives every vendor to run around town only parroting the said buzzword
Wow great, I know a story BTW which Zero-Trust could've helped.
A famous core-banking-systems company where the Qa member asks the IT member "They're friends" to give them credentials for a production payment System to do " QA "... Soon later "after several months" a Bank customer comes in and complains about 50k disappeared suddenly from his account... And turned out to be: it was the QA member :)..
And it wasn't that customer alone
Ought to assume the QA may breach the system to do bad things - rule 3
Very well presented; thank you for sharing
I think what would make this video more useful is explaining what was “before” zero trust. No one trusted Helen before, so what’s new? Everything explained here is something that was practiced since computers were invented for the most part. Informative for those who aren’t familiar with security best practices, not so much for those who want to know if this is actually something new or another buzz word.
He did mention perimeter security and also indicated the human element of trusting by association. These elements make perimeter based security to borrow his word primitive
Good explanation!
very clear
Most security products and strategies are not new or advanced. This includes the ‘Zero Trust’ strategy, regardless of how frequently vendors mention it. Authentication being used behind the firewall and on the internal devices of a network has been used for decades.
I never trusted Helen
🤣
No, not Helan😟
Excellent!
Would be nice to talk about service meshes, both the data plane and the control plane. Service meshes claim to promote zero trust networks as all access have to come through a sidecar app.
The service mesh product consol claims to have the ability to link data centers. I believe this would be of great value to some one like IBM Cloud. Majority of companies will have their sites on amazon or microsoft. Service meshes have the ability for ibm to snag customers, particular customers who could use mainframe type operations.
My son and daughter started a high tech health company. They were chosen to a incibatory project. As a result they were given cloud credits on google, amazon and microsoft. The engineers want microsoft, marketing wants amazon. Seems service meshes are a great way for startups to start out with.
actual information starts at 1:50
put on 1.5 speed
I knew there was something off about Helen.
Always verify... Sounds reasonable.
But how to verify the verification?😳
Zero trust principles:
Never trust, always verify
Least privilege
Assume breach
Show de bola
For us true geeks it's a strategy that proved unreliable. It doesn't take a off point Snowden film to prove it either. If your staff can't learn enough to cancel Helens access on the way out the door your company is fffffed from the first time booz sends you a employee making 285k a year
🌟🌟🌟
❤
shall I trust my CPU
Devastated decades ago.. it's revealing to witness this ethos. But that explains IBM ghost ship presence in society.
How very 1984