WHY ZERO TRUST?
Where traditional security says “trust but verify”, Zero trust says “never trust, always verify”.
The idea of “never trust, always verify” means you should never trust that users are who they say they are. Instead, you should always verify their identity and access level. This increases the chances that you can stop a cybercriminal or malicious program before they access the organization’s sensitive information or cause other kinds of damage.
What Exactly is Zero Trust?
Zero trust is an IT paradigm shift from the traditional security model of perimeter-based security, where anything inside the network perimeter was considered trusted. Zero trust is a security model that requires strict authentication of people and devices trying to access resources on a private network. No implicit trust is given to any user or device, even if they are known or already have access to network resources.
As the name implies, under Zero Trust access to resources from both inside and outside of the network should be restricted until the validity of the request can be confirmed. Zero trust assumes active threats exist both inside and outside of a network perimeter, and users are required to meet strict inspection and authentication requirements before gaining access to a given resource.
The Zero trust model recognizes that trust is a vulnerability. The traditional approach automatically trusted users and endpoints within the organization’s perimeter, thereby putting the organization at risk from malicious internal actors and from legitimate credentials taken over by malicious actors, allowing unauthorized access once inside. The Zero trust model therefore requires organizations to continuously monitor and validate that a user and their device have the right privileges and attributes.
Core Principles of the Zero Trust Model
Zero Trust is built upon five (5) pillars:
1. Assume the network is hostile.
2. Assume that threats from inside and outside the network exist at all times.
3. Don’t base network trust on a network’s location.
4. Authenticate and authorize every requesting entity (devices, users, networks).
5. Rely on dynamic policies fed from as many sources of data as possible.
Importance of Zero Trust Model
Traditional approaches to cybersecurity are no longer effective for protecting against modern cyber threats. Ransomware attacks are increasing drastically, so implementing zero trust principles is the most effective way for an enterprise to control access to its resources.
Zero Trust helps close several security gaps.
The Zero Trust model took shape as hackers became adept at exploiting the shortsightedness of organizations that presumed they only had to worry about threats from the outside. If attackers managed to find an opening in a company’s network or steal a user’s credentials, they gained the ability to move laterally and gain further system privileges. Zero Trust recognizes the importance of installing security controls at all vulnerable access points, including those inside the network. By focusing on identity, Zero Trust makes it possible to limit the movements of hackers even if they manage an initial breach.
Challenges of Zero Trust
Zero Trust Security protects your enterprise inside and out. By safeguarding connections with approaches like least privilege and multi-factor authentication, you can ensure total network security. But implementing and maintaining a zero-trust model poses unique challenges that you must be ready to address. Many organizations have acknowledged the value of a zero-trust security strategy, but many have not yet made the move.
Here are a few challenges you are likely to face as you implement a zero-trust model in your organization, and how to overcome them.
1. Zero Trust Security requires ongoing management
Some security solutions can be configured and deployed, and then left unmanaged for long periods of time. But because zero trust security is a mindset, it requires ongoing management to ensure ongoing protection.
Though it does provide hardened security across your distributed networks, zero trust security is not a ‘set it and forget it’ approach. Your business is constantly changing inside and out, whether it is employees gaining different responsibilities, or adding new sites, staff, and customer accounts. Your network security requires ongoing administration to ensure that all of these activities are kept safe.
To help with this challenge, it’s advisable to build routine maintenance tasks and checkups into your processes. This is where automation tools can come in handy to consistently check for firmware upgrades or assist with security configuration changes. You can also use monitoring tools, alerts, and notifications to help you stay ahead of attacks.
2. Expansion of Devices
Beyond the human factor lies the hardware. There is a huge variety of mobile devices and personal computers through which employees, customers, and suppliers communicate with a company’s systems. Bring your own device (BYOD) policies, IoT equipment, and the “always-on” mentality lead to a proliferation of properties, requirements, and communication protocols that must be tracked and secured on an ongoing basis.
3. Phasing Out Legacy Solutions
Many organizations have invested in an array of point security products designed to support perimeter-focused security strategies. Making the move to zero trust requires phasing out these legacy solutions, which can be difficult due to investment in the technology, contracts, etc.
Companies can adopt a zero-trust architecture without abandoning their legacy systems. Start by identifying the most sensitive data and critical workflows. Those can be subjected to stricter access controls, such as multifactor authentication, privileged access and session management. Remaining data is subject to standard perimeter controls, while only the most important information is subject to a zero-trust standard.
Technologies Behind Zero Trust Model
Here are the main technologies used to implement a zero-trust model:
1. Strong user verification—achieved through measures like role-based access control (RBAC).
2. Identity and access management (IAM)—helps you define and manage user permissions. The IAM system decides whether to grant or deny access requests.
3. Multi-factor authentication (MFA)—forces users to confirm their identity in more than one way before allowing them access to company applications and systems. It helps protect the network against weak or reused passwords.
4. Endpoint protection—attackers use compromised endpoints to exploit authorized user sessions and gain unauthorized access to company resources. Endpoint security can help protect against compromised accounts.
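The five pillars above and the technologies in this list come together in a policy decision point that evaluates every request. The following is an added illustration, not code from the original article or from any product: a hypothetical policy engine that combines an RBAC table, an MFA signal, device posture and a risk score, and deliberately ignores the source network, so a request from inside the corporate network without MFA is still denied. All role names, resources, thresholds and sample requests are constructed.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed sample signals; in practice they would be fed from the IdP,
# the device-management system and a risk engine (pillar 5: many data sources).
@dataclass(frozen=True)
class AccessRequest:
    user: str
    role: str             # from the identity provider (IAM)
    mfa_verified: bool    # from the identity provider (MFA)
    device_managed: bool  # from device management (endpoint posture)
    device_patched: bool  # from device management (endpoint posture)
    risk_score: int       # 0-100 from a hypothetical risk engine
    source_network: str   # "corp" or "internet"; recorded but never trusted
    resource: str

# Hypothetical RBAC table: roles allowed to reach each resource.
RBAC = {
    "payroll-db": {"finance", "admin"},
    "wiki": {"finance", "admin", "engineering"},
}
SENSITIVE = {"payroll-db"}   # resources held to the stricter standard
RISK_THRESHOLD = 70          # constructed cut-off for the risk signal

def evaluate(req: AccessRequest) -> tuple[bool, list[str]]:
    """Return (allowed, reasons). Called on every request; no decision is cached."""
    reasons: list[str] = []
    if not req.mfa_verified:                       # pillar 4: authenticate
        reasons.append("mfa-required")
    if not req.device_managed:                     # validate the device, not just the user
        reasons.append("unmanaged-device")
    if req.resource in SENSITIVE and not req.device_patched:
        reasons.append("device-not-patched")
    if req.risk_score >= RISK_THRESHOLD:           # dynamic signal
        reasons.append("risk-too-high")
    if req.role not in RBAC.get(req.resource, set()):  # pillar 4: authorize (least privilege)
        reasons.append("role-not-permitted")
    # req.source_network is intentionally never consulted (pillar 3):
    # being "inside" the network earns no trust.
    return (not reasons, reasons)

if __name__ == "__main__":
    inside = AccessRequest("alice", "finance", False, True, True, 10, "corp", "payroll-db")
    outside = AccessRequest("alice", "finance", True, True, True, 10, "internet", "payroll-db")
    print(evaluate(inside))   # (False, ['mfa-required'])
    print(evaluate(outside))  # (True, [])
```

The returned reason list is what a monitoring pipeline would log and alert on, which is the ongoing-management point made under the challenges above.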
Conclusion
As cyberattacks against organizations become more common, the traditional “trust but verify” view of network security is no longer appropriate or adequate. Security teams should know that implicitly trusting users and endpoints places their organization at risk from malicious attackers, unauthorized users, careless insiders, and compromised accounts.
To secure the organization, a Zero Trust model is vital. This model’s “never trust, always verify” approach, together with its principle of least privilege, provides better protection against the expanding cyberthreat landscape. With Zero Trust, organizations can implement better access control, protect their assets, contain breaches, and minimize the potential for damage.