What are the main challenges and benefits of adopting a zero-trust model for IAM?

Every access attempt is treated as untrusted. Trust must be earned. Yet, Zero Trust does not need to be prohibitively complex or unfriendly to the user experience. Identify verification, authentication, and re-authentication can even be invisible to end users. This is important to our external users, our customers.

IAM was basically an entry door with a guard checking identity, then, this identity had all latitude to access whatever granted access, without re-verifying the identity at any point in time. This was still based on the concept of "session" or 1 entry ticket valid for the requested level. Zero-trust brings multi attribute identity validation, which is constantly checked and re-verified for each action. On top of this, multiple levels of security could be assigned depending of the sensitivity of the targeted object / resource. Some sensitive items may require more attributes to be checked, than the initial validation.

Zero Trust access management is a great approach to solving security challenges like unauthorized access, phishing, and credential theft.

ZT IAM, or basically zero trust access management is needed due to the evolution of the threat landscape, where digital identity theft is so common, that even authenticated users are not always the right ones. Between stolen credentials, to botnet infected systems used as proxy, there is a lot to do for an organization to know who's really behind the keyboard. ZT IAM brings the ability to reduce the risks, without requiring mandatory invasive technology on the privacy side either.

Before starting your implementation of zero-trust, ask yourself these 5 questions. 1. Who needs network access? 2. What devices need network access? 3. What digital artifacts need network access? 4. What are your key processes? 5. What policies do you need to add?

Implementing zero-trust IAM requires first to define a source of truth in regards to user database, which source of truth will allow to establish the validation of attributes for each pretending users. It also requires that all systems support a centralized authentication mechanism, or, the ZT IAM solution must be able to become the single point of authentication, acting as a bridge toward the controlled infrastructure and services. The solution will need to make sure that lack of audit capabilities in the protected infrastructure and services is compensated by the implemented access control solution as well. When deploying ZT IAM, legacy authentication must be removed to make sure no bypass is allowed after ZT IAM is implemented.

Zero-trust IAM would appear to be an element that increases costs on systems rather then decreasing costs. Complexity would also rise in that individual nodes would require authentication when communicating with what were previously trusted nodes existing within the same company network. This is part of what must be accepted though, as part of reducing the risk of an insider threat involves accepting higher costs.

This is a really important element of organisational security. Just because a trusted resource has approved and validated access to a network doesn't mean they can and should access all resources. Limitation both protects the organisation and to some extent the individual should an account compromise occur.

zero-trust IAM will bring stronger control over acces, more audit capability, at the cost of a change in the way systems communicate. ZT IAM definitely make compliance easier, especially if implemented to replace weak or unsafe authentication mechanism in legacy application. That said, as it becomes a central and unique pillar of authentication, it is by definition a critical SPOF, therefore the implementation must consider complete redundancy and fail over capabilities, which fail over should maintain the ZT IAM to avoid potential downgrade attacks (disabling ZT capabilities to fall back in non ZT auth would be a wrong strategy).

Challenges for zero-trust IAM are multiple, from compatibility of the existing stack, to resistance to change. Cost will also be an issue, and availability and SLAs must be carefully reviewed. As the whole infrastructure will require way more transactions due to the nature of zero trust (continuous and constant verification of each and every request), the overhead must be carefully considered making sure productivity doesn't suffer from the change. In regards to behavior, security could be maintained with usability, yet, given the new concept, there is a learning curve needed both from users, admins and architects to adjust to this new reality.