Traditional infrastructure security vs Cloud native security
For traditional infrastructures, anyone inside the corporate network was trusted, and anyone outside wasn’t.
Along with perimeter-based security often comes layered security. Layered security meant that IT teams would put perimeters of security around individual assets. The attacker has to go through multiple security layers to get access to critical assets.
Authorized users, on the other hand, could go past these layers of security because they’d already be in the perimeter. Then they would log into a machine that would give them IT resource access.
The perimeter and layered approach made more sense when the network was almost entirely on-premises and often Windows-based. The first ring of security would usually be focused on identity. That meant a user would need access to a domain. Then, the layer after that might have been anti-malware protection. From there, a third layer would often focus on data and applications.
The outer layer would be the network perimeter itself, with VPNs, firewalls, intrusion detection, and other security features.
Importance of Zero-Trust Model
Here there’s no trusted internal network versus an untrusted external network. Access is based on the user and not the location, network, or device.
First, networks aren’t on-premises. Second, networks aren’t Windows-based anymore either.
The assumption with Zero Trust is that a network has been compromised. Every user must prove that they aren’t an attacker. There is strict identity verification, even if a user or device is already in the network.
Even once a user accesses the network, they have limited accessibility.
As organizations begin implementing Zero Trust, they have a combination of non-integrated on-premises and cloud applications. There’s fragmentation that has to be dealt with by IT.
This brings about the need for Identity and Access Management or IAM. This is often the first actual step that has to be completed. That means consolidation of fragmented identities under a single IAM system across the cloud and on-premises. For example, this might specifically include single-sign-on. Then, there might be a second authentication factor layered on that.
- There is often the inclusion of context-based policies. That means that there are signals gathered about the context of each user, such as device and location context.
- The next part of the process for Zero Trust is a focus on authorizing and authenticating access.
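The contrast between the perimeter model and the per-request, context-based checks described above can be shown in a short sketch. This is an added example, not code from the article; the user names, grants, country lists, network range, and the deny/step-up policy choices are all constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample policy data (assumptions, not from the article).
CORP_NET = ip_network("10.0.0.0/8")
GRANTS = {"alice": {"payroll-db"}, "bob": {"wiki"}}      # per-user resource grants
ALLOWED_COUNTRIES = {"alice": {"IN"}, "bob": {"IN", "DE"}}

@dataclass(frozen=True)
class Request:
    user: str
    sso_ok: bool          # identity verified by the consolidated IAM / SSO
    mfa_ok: bool          # second factor completed for this session
    device_managed: bool  # device context signal
    country: str          # location context signal
    source_ip: str
    resource: str

def perimeter_decision(req: Request) -> str:
    """Perimeter model: anyone on the corporate network is trusted."""
    return "allow" if ip_address(req.source_ip) in CORP_NET else "deny"

def zero_trust_decision(req: Request) -> str:
    """Zero Trust: every request is checked; source_ip is never consulted."""
    if not req.sso_ok:
        return "deny"                                   # unverified identity
    if req.resource not in GRANTS.get(req.user, set()):
        return "deny"                                   # limited access per user
    if not req.device_managed:
        return "deny"                                   # device context fails
    if req.country not in ALLOWED_COUNTRIES.get(req.user, set()):
        return "deny"                                   # location context fails
    if not req.mfa_ok:
        return "step_up"                                # ask for second factor
    return "allow"

# Constructed requests: (label, request)
SAMPLES = [
    ("stolen password used from inside the network",
     Request("alice", True, False, False, "IN", "10.1.2.3", "payroll-db")),
    ("employee at home on a managed laptop",
     Request("alice", True, True, True, "IN", "203.0.113.7", "payroll-db")),
    ("insider reaching for a resource they were never granted",
     Request("bob", True, True, True, "IN", "10.4.4.4", "payroll-db")),
]

def compare(samples=SAMPLES):
    return [(label, perimeter_decision(r), zero_trust_decision(r)) for label, r in samples]

if __name__ == "__main__":
    for row in compare():
        print(row)
```

In all three constructed requests the two models disagree, because the perimeter model looks only at where the request comes from and Zero Trust looks at who is asking, from what device and location, and for which resource.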
Advantages of Zero Trust:
- It’s easier to detect and stop phishing emails that target employees.
- This approach can be effective at stopping lateral movement if there’s a breach, whereas with perimeter-based security, once a bad actor has access, they can move about in an unlimited way.
- It protects against something like a stolen developer password or the exfiltration of a database by a compromised application host.
- Micro-segmentation can prevent data breaches in general and keep lateral movement contained.
- It’s possible to have more visibility into workloads, devices, users, and components across the environment.
- Zero Trust puts an emphasis on continuous monitoring for signs of compromise.
- There’s enhanced organizational security but also consistency in the user experience.
Regardless of the underlying infrastructure, it’s possible to implement security protection across multiple environments.
Well said
3 years ago: I really enjoyed reading this!
3 years ago: Awesome!
3 years ago: The post made me think, thanks Ayush!