Abstract: Huawei Cloud released the world’s first “Huawei Cloud Zero Trust Capability Maturity Model White Paper”, showing the industry Huawei Cloud’s new security capabilities and breakthroughs.

From October 16 to 17, 2021, the “Tianfu Cup” International Network Security Competition and International Network Security Summit Forum was held in Chengdu. As one of the organizers, Huawei Cloud held the Huawei Cloud Native Security Forum at the same time. At the forum, Huawei Cloud released the world’s first “Huawei Cloud Zero Trust Capability Maturity Model White Paper”, demonstrating Huawei’s new capabilities and breakthroughs in cloud security to the industry.

Cao Zhiyuan, general manager of Huawei Cloud security, released the white paper

As cloud computing, big data and other technologies are widely used, the boundaries of enterprise networks are becoming blurred, and external cyber attacks and internal threats such as unauthorized access, misoperation and data leaks are emerging one after another, rendering traditional boundary-based security measures ineffective, the white paper said. The zero-trust model, which adheres to the principle of “never trust, always verify”, has proved effective in solving these problems and has become a new trend in the development of network security.

In evolving its zero-trust capability, Huawei Cloud recognized that implementing zero trust is a systematic project that cannot be completed by deploying a single network architecture or technical product. It requires long-term planning and construction, including defining the strategic vision for zero-trust construction, matching the required resources, and formulating a construction roadmap. Against this background, Huawei Cloud drew on the industry’s zero-trust concepts, combined them with its own understanding and practice of network security and privacy protection, and constructed a zero-trust capability maturity model (CMM), which resulted in the “Huawei Cloud Zero Trust Capability Maturity Model (CMM) White Paper”. The white paper aims to take zero-trust maturity assessment from the theoretical level to a specific framework that can guide practice, to provide practical maturity assessment guidelines that help enterprises identify their current zero-trust maturity level, and to provide guidance for strategic planning of the next stage of zero-trust capability evolution.

The white paper has the following core highlights:

In-depth interpretation of the Huawei Cloud zero-trust capability maturity model architecture

The model integrates mainstream industry zero-trust concepts with Huawei’s zero-trust practice experience to take zero trust from the concept level to a specific capability framework. The architecture of the Huawei Cloud zero-trust maturity model is divided into three parts: zero-trust security domain, zero-trust capability dimension and zero-trust maturity level. The relationship among the three is shown in the following diagram:

The zero-trust security domain covers personnel security, device security, network security, workload/application security, and data security. Building on the existing evaluation fields in the industry, the model further refines the five pillars of zero-trust capability into 20 key security fields, measures zero-trust capability across multiple capability dimensions, such as organization building and technical tools, and forms quantifiable indicators to ensure the completeness and accuracy of the evaluation.

In the zero-trust capability dimension, in addition to technical capability, the model also evaluates management capabilities such as organizational construction, institutional process and data operation, so as to measure zero-trust capability more comprehensively.

  • Organization construction: post setting, division of responsibilities and personnel capacity building of zero-trust related organizations;
  • System process: zero-trust related management requirements, and the establishment and implementation of system processes;
  • Technical tools: technical means and product tools required to implement the management requirements and system processes;
  • Data operations: establishment and optimization of data metrics to measure the effectiveness of zero-trust management and technical capabilities.

In terms of zero-trust capability maturity level, this model sets specific metrics for all key security domains, which can quantitatively evaluate the zero-trust capability maturity level of each domain as well as of the whole, and guide the formulation of future development goals.

  • Quantitative scoring of the zero-trust capability maturity level. The zero-trust capability maturity level of each critical security subdomain can be quantitatively scored, so as to determine the current zero-trust capability maturity level of the enterprise.
  • Visual presentation of zero-trust capability maturity. The maturity scores of the 20 core sub-areas of zero trust can be presented together on a radar chart, so as to identify the current weaknesses and strengths of zero-trust capability and guide enterprises in planning key areas for future improvement.

Sharing Huawei Cloud zero-trust practices

Huawei Cloud continuously optimizes the maturity model through internal practice and incubates zero-trust related applications used internally into customer-oriented products and services. The Huawei Cloud zero-trust solution protects applications, data and other resources through identity-based dynamic access control and fine-grained authorization, and builds Huawei Cloud’s end-to-end adaptive security capabilities. The structure of the key capabilities is shown in the following diagram:

With zero trust becoming a new trend in the development of network security, Huawei Cloud hopes, through the release of this white paper, to share the zero-trust capability maturity model that it has implemented with customers and the industry, so as to jointly discuss methods for evaluating zero-trust capability maturity and promote the construction of zero-trust capability in the industry. At the same time, Huawei Cloud will continue to release zero-trust related products and services to improve its cloud security capabilities and help customers achieve business compliance and security.

For more information, see the Huawei Cloud Zero Trust Capability Maturity Model White Paper.
