2 min read

Zero Trust at Deutsche Telekom

Zero Trust at Deutsche Telekom

Our world is networked - and it is becoming more and more networked. Security plays a central role. And when it comes to network and data security, the buzzword Zero Trust quickly crops up. But what is actually behind it? And what can Zero Trust actually look like? This is not so easy to clarify. Let’s take a look at how Deutsche Telekom is tackling the issue.

“That’s a very good question (what Zero Trust is), especially if you go into a meeting with ten colleagues and ask (…) then you come out with eleven opinions” - Waldemar Schäfer

Waldemar Schäfer completed his studies in core informatics at the Technical University in Kaiserslautern and worked in various IT positions, from developer to system architect. He currently works as a senior enterprise architect at Deutsche Telekom, specializing in front-end architecture and security. His focus is on the implementation and research of Zero Trust in IT architecture.

Highlights of this episode:

  • Zero Trust means trusting no one and nothing blindly and verifying everything
  • Deutsche Telekom has defined Zero Trust for itself, taking six aspects into account: Network, IAM (Identity and Access Management), devices, data, applications and monitoring
  • It is important to have a common definition of Zero Trust within the company to avoid misunderstandings
  • Telekom has reduced and modernized its identity providers to increase security and avoid chaos
  • The implementation of Zero Trust requires a change of mentality within the company and must be integrated into the development process
  • Zero Trust is not only a security concept, but also a way to save costs and increase efficiency
  • The path to Zero Trust is an ongoing process that requires constant adjustments and improvements
  • It is important to start with questions and support the teams to win them over to the concept of Zero Trust

Insight into Zero Trust: How Telekom is redefining security strategies

Today I spoke to Waldemar Schäfer from Deutsche Telekom about the concept of Zero Trust. We explored what Zero Trust means, how Deutsche Telekom implemented it, the challenges they faced and how they overcame them. A deep insight into the practice of Zero Trust at one of the largest telecommunications companies.

The understanding of Zero Trust

Today I spoke with Waldemar Schäfer from Deutsche Telekom. Our main focus was on the concept of Zero Trust - a term that is becoming increasingly important in the IT security industry. Despite its growing popularity, the question remains for many: what exactly does Zero Trust mean? Waldemar shared his insights on how Deutsche Telekom has defined this concept and integrated it into its security strategy.

Different interpretations of Zero Trust

Waldemar made an important observation: if you ask ten different people for their definition of Zero Trust, you get eleven different opinions. This variety of interpretations reflects the complexity and multifaceted nature of the concept. At Deutsche Telekom, they therefore first had to agree on a common definition, which was a challenge.

The six pillars of Zero Trust at Deutsche Telekom

A central point of our discussion was the presentation of the six aspects on which Deutsche Telekom builds its Zero Trust concept: Network, Identity Management (IAM), Devices, Data, Applications and Monitoring. This holistic approach shows that Zero Trust is far more than just a technology or a tool; it is a comprehensive strategy for minimizing security risks.

Practical implementation and challenges

Waldemar gave an insight into the practical implementation of Zero Trust within Deutsche Telekom. He emphasized the importance of clarity about trust relationships and how important it is to explicitly model trust. Experience shows that especially in large companies like Deutsche Telekom, the implementation of such a concept is complex and challenging - from overcoming internal resistance to standardizing procedures.

Further development of the Zero Trust

Finally, Waldemar reflected on the future outlook and the next steps for Deutsche Telekom in the area of Zero Trust. He emphasized the ongoing need to adapt and evolve security concepts - a process that is never really finished. Deutsche Telekom is on a continuous journey to improve its security architecture in line with the principles of Zero Trust.

Testing Embedded Systems

Testing Embedded Systems

In this episode, we take a deep dive into the world of embedded software development. We look at the particular challenges of testing embedded...

Weiterlesen
Testing AI - a checklist

Testing AI - a checklist

What questions should be asked when testing AI and what can testers learn from data scientists? Marco Achtziger and Gregor Endler provide insights...

Weiterlesen
Secure by Design

Secure by Design 

How can you incorporate security principles into the development process at an early stage, instead of somehow tinkering them in afterwards? Eoin...

Weiterlesen