Zero Trust Security Model

Never trust. Always verify.

Today’s cybercriminals are more cunning and ambitious than ever. They have the means, the time and the intelligence to attempt to hack into anything (network or technological asset) they believe to be vulnerable. There are always ways to enhance your company’s security posture: Steps to take in order to reduce the possibilities of harmful cyberattacks. One of the strategies that has been making waves is the zero trust philosophy and its model.

This model was coined in 2010 and has become more and more popular as a result of the complex and evolving cybersecurity landscape, the expansion of cloud computing and the necessity for remote access, and the rise of stricter privacy regulations that call for more comprehensive security strategies. Gartner predicts that “more than 60% of organizations will embrace zero-trust principles as a starting place for security by 2025.” The goal of the zero trust architecture is to eliminate inherent trust and implement strong identity and access management (IAM) controls, which would lower a company’s cyber risk by reducing access to only essential resources or data inside its perimeter and preventing unauthorized access.

Let’s first understand what companies around the world have been working with so far and why it has made them vulnerable to some kinds of attacks.

Good old castle-and-moat

Let’s imagine a building with residential apartments, social areas, administrative offices and commercial spaces. Every time a resident enters the building, they are required to provide proof of residency. After this is completed, residents have free rein and can enter any location they like, even apartments that don’t belong to them. They are trusted to move without encumbrance.

Traditional network security relies on that “trusted by default” concept, and it’s called the “castle-and-moat” approach. Consider the network within a company as a castle and the network perimeter as a moat, trusting anyone and anything inside the network. No one outside it is able to access the data, but once inside the network, lateral movement becomes easy. Companies had relied on this approach when all of their data and resources resided in one physical place, an on-premises data center, to which employees accessed through a company-owned device and they were located in the company’s base office. However, several factors have rendered the castle-and-moat approach obsolete. The 2020 pandemic sped up this process, making remote work and access necessary. Cloud services have become an intricate part of modern IT structures, killing on-premises data centers. Cyber threats keep evolving, finding ways to bypass traditional network security. These factors, among others, have left the castle-and-moat approach behind, but it’s not like it was ever completely secure.

The castle-and-moat approach assumes that attacks originate on the outside of the network, concentrating on protecting its perimeter. Nevertheless, threats do also come from within, making this approach insufficient and vulnerable. For example, if a malicious actor gains access to credentials (stealing them or buying them on the dark web), this approach wouldn’t detect or be able to stop the attacks, permitting the attacker to move laterally and create havoc. Companies that use this approach have to employ other resources to defend their perimeter with security tools like firewalls, intrusion prevention systems (IPS) and intrusion detection systems (IDS), which, needless to say, has a greater monetary cost.

It has become absolutely necessary for companies to find other ways to secure their resources, through more efficient approaches that solve the fundamental flaw of inherent trust within a perimeter. Zero trust security addresses that flaw by continuously verifying access requests and granting only minimum permissions.

Read the full blog post here ?? https://fluidattacks.com/learn/zero-trust-security/