View Resource
Advancing Zero Trust Maturity Throughout the Device Pillar
Release Date: 10/30/2023
Organization: NSA
Content Type: Guidance
Solution Provider Neutrality: Neutral
This NSA cybersecurity information sheet (CSI) provides guidance to enable organizations to assess devices in their systems and be better poised to respond to risks to critical resources. The device pillar is a key component of the Zero Trust security framework. It ensures devices within or attempting to connect to resources in an environment are located, enumerated, authenticated, and assessed. The document provides recommendations for ensuring all devices meet an organization’s access criteria and security policies before they are authorized. Recommendations to increase maturity levels of Zero Trust device pillar capabilities include device identification, inventory, and authentication, device authorization using real time inspection, and remote access protection.