Trusting Zerto with Zero Trust
Zero trust is a security framework that is based on the principle of not automatically trusting any user or device, whether inside or outside the network perimeter. In a zero trust model, all users, devices, and applications must be verified and authenticated before they are granted access to resources on the network.
Integrating a disaster recovery solution into zero trust architecture is crucial. It enables continuity and resilience via swift recovery—from security breaches, application failures, or unexpected disruptions—minimizing downtime, and protecting critical data. These efforts promote a secure and reliable IT environment based on the principles of zero trust.
Zerto can help your organization achieve data-centric security with:
- Continuous data protection for always-on replication—including fully encrypted traffic between all components—to enable RPOs of just seconds
- Journal-based recovery, enabling thousands of granular restore points to rewind and resume from a point in time mere seconds before an attack to limit the blast radius
- Real-time encryption detection, which flags anomalous encryption rates that are happening in real time as Zerto replicates, quickly identifying a potential attack to drastically limit downtime and data loss
- Security-hardened appliances built on custom Linux implementations designed to minimize attack vectors
Zero Trust by Design
Zerto is deployed as a security-hardened Linux appliance expressly designed to protect and recover from the worst cyberattacks. The key zero trust principles inherent in Zerto are:
- Identity access and control: Zerto is inherently designed with zero trust principles throughout its architecture. Below describes what and how:
- Credentials protection: Zerto offers the ability to frequently change credentials and encourages users to do so. Zerto can also seamlessly integrate with all known identity providers (IDPs) and is supported by multi-factor authentication (MFA).
- Least-privilege access: Zerto enables least-privilege access through role-based access controls (RBAC), meaning only those who need access to Zerto resources have access.
Learn more about security and hardening with Zerto here.
Zero Trust Architecture—Zerto Cyber Resilience Vault
Cyberattacks are not a matter of if but when.
The Zerto Cyber Resilience Vault meets these needs to enable enterprises to protect, detect, respond, and recover from ransomware. The Zerto vault leverages the unique strengths of Zerto near-synchronous replication and the Zerto journal, combined with industry-leading hardware from HPE, to deliver rapid air-gapped recovery unlike anything else on the market.
The Zerto Cyber Resilience Vault takes advantage of a zero trust-first architecture, particularly in its vault. The separated Cyber Resilience Vault is fully air gapped and stores immutable data copies on secure, high-performance, FIPS-validated hardware. The isolated vault, or clean room, uses zero trust architecture and has no access to the internet or production network. Since there is no centralized control plane, the vault does not have an exposed management port and does not have any single point of compromise or failure.
Learn more about the Zerto Cyber Resilience Vault by watching this video.
As organizations embrace the zero trust security model to protect against evolving cyberthreats, data resilience becomes paramount. Zerto, a leader in disaster recovery and data protection, is your trusted partner in ensuring the availability and security of your critical data within the zero trust framework.
Michael Nassis 
