undefined | Better HN

0 pointsnine_k1d ago0 comments

You have a working OS! But you're logged out, all sensitive data is removed (safely overwritten with random data first), and you don't have the means to connect to the VPN or anything corporate (it was before zero-trust architecture), even at gunpoint. You can check your flight status, or look up a cafe nearby to eat, etc. But you have to go to a Google office in the destination city, identity yourself, and get the trusted bits restored on your corp machine. This, together with an OTP device, finally allowed you to reconnect to the internal network (and go check fresh memegen).

0 comments

tpetry1d ago

I do understand why all these steps are required. And they are good. But how should zero-trust architecture solve that? You‘re still authenticated what the core problem is.

nine_kOP23h ago

Zero-trust architecture just can work without a VPN, unless the network is blocked. Otherwise everything should be similar.

j / k navigate · click thread line to collapse

0 pointsnine_k1d ago0 comments

0 comments

tpetry1d ago

I do understand why all these steps are required. And they are good. But how should zero-trust architecture solve that? You‘re still authenticated what the core problem is.

nine_kOP23h ago

Zero-trust architecture just can work without a VPN, unless the network is blocked. Otherwise everything should be similar.

j / k navigate · click thread line to collapse