The Zero Trust Framework and Privileged Access Management (Pam)

This book is about the Zero Trust Framework. Essentially, this is a methodology where the IT/Network Infrastructure of a business is segmented into smaller islands, each having its own lines of defense. This is primarily achieved through the use of Multifactor Authentication (MFA), where at least three more authentication layers are used, preferably being different from one another.

Another key aspect of the Zero Trust Framework is known as Privileged Access Management (PAM). This is an area of Cybersecurity where the protection of superuser accounts, rights, and privileges must be protected at all costs from Cyberattackers. In this regard, this is where the Zero Trust Framework and PAM intertwine, especially in a Cloud-based platform, such as Microsoft Azure.

However, as it has been reviewed in one of our previous books, the use of passwords is now becoming a nemesis, not only for individuals but for businesses as well. It is hoped that by combining the Zero Trust Framework with PAM, password use can be eradicated altogether, thus giving rise to a passwordless society.

這本書是關於零信任框架的。基本上，這是一種方法論，將企業的IT/網絡基礎設施分割成較小的區域，每個區域都有自己的防禦線。這主要通過使用多因素身份驗證（MFA）來實現，其中至少使用三個以上的身份驗證層，最好是彼此不同的層。

零信任框架的另一個關鍵方面被稱為特權訪問管理（PAM）。這是一個關於網絡安全的領域，必須以最大的代價保護超級用戶帳戶、權限和特權免受網絡攻擊者的侵害。在這方面，零信任框架和PAM在雲平台（如Microsoft Azure）中交織在一起。

然而，正如我們之前的一本書中所審查的那樣，密碼的使用現在不僅對個人而言，對企業也成為一個敵人。希望通過將零信任框架與PAM相結合，可以完全消除密碼的使用，從而催生一個無密碼的社會。

Ravindra Das is a technical writer in the field of Cybersecurity. He also does Cybersecurity consulting on the side, through his private practice, RaviDas.Tech, Inc. He also holds a Cybersecurity certification from the ISC(2) and other key certifications from Microsoft, CyberArk, and Barracuda Networks.

Ravindra Das 是一位在資訊安全領域擔任技術撰稿人的專業人士。他同時也透過他的私人公司 RaviDas.Tech, Inc. 提供資訊安全顧問服務。他擁有來自 ISC(2) 的資訊安全認證，以及微軟、CyberArk 和 Barracuda Networks 的其他重要認證。