What is zero trust?
Despite the name, a Zero Trust approach does not mean that nobody is trusted; it means that no user, device or connection is trusted implicitly because of where it sits on the network. It is a security framework that requires every user and device, whether inside or outside the organisation’s network perimeter, to be authenticated, authorised and continuously validated for security configuration and posture before being granted access to applications and data. It moves defences away from the network perimeter toward a more comprehensive IT security model that lets organisations enforce fine-grained access controls on networks, applications and environments without sacrificing performance or user experience.
Why trust zero trust?
Cloud environments can be hostile places. They host business-critical applications and data, making them attractive targets for attackers who want to steal, destroy or hold hostage sensitive data such as personally identifiable information (PII), intellectual property (IP) and financial information. Today’s organisations need a security model that adapts to the complexity of the modern environment, embraces the hybrid workplace, and protects people, devices, apps and data wherever they are located.
In addition, critical applications and workloads are moving from corporate-owned data centres to the public or hybrid cloud. This cloud environment operates under a shared responsibility model, in which certain security aspects are provided by the cloud vendor and others fall on the enterprise. Because it is anchored on identity, device and workload rather than on a network boundary, a zero trust model can span both sides of that shared responsibility.
Zero trust architecture explained
In the zero trust approach, protection is environment-agnostic: policy is tied to the identity of the user, device or workload rather than to a network location, so applications and services stay protected even when they communicate across network environments (on-premises, public cloud, hybrid), and the controls do not have to be re-architected or re-written for each environment a workload moves into.
Let’s have a look at the core principles underlying this model.
1. Never Trust, Always Verify
The philosophy behind a Zero Trust network assumes that attackers are present both inside and outside the network, so no user, zone, credential or device is trusted by default at any time. Authentication and authorization decisions are based on the available data points, including user identity, location, device health, the requesting service or workload, the classification of the data being accessed, and any detected anomalies. Logins and connections time out periodically once established, forcing users and devices to be re-verified, because threats and user attributes are all subject to change. As a result, organizations must ensure that every access request is vetted before access to any enterprise or cloud asset is allowed, not just the first one.
2. Implement Least Access Privilege
Least-privilege access means restricting a user’s access rights to just the resources required to carry out the task at hand, for just as long as the task requires. This is achieved by implementing just-in-time (JIT) and just-enough-access (JEA) policies. Coupled with risk-adaptive policies that factor in the risk posed by the user and the device, and with compliance and data protection policies, these help secure data without blocking productivity.
3. Assume Breach
This principle is important because it frames the whole mindset with which you should approach security: design as if a compromise has already happened. The blast radius is minimized to reduce the impact of a breach, and lateral movement (when attackers take control of one asset within your network and then obtain privileged access to move around and exploit other assets) is limited by segmenting the network, users and devices ahead of time rather than only once a threat is detected. Once an attacker’s presence is detected, the compromised device or user account can be isolated and cut off from further access.
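The three principles above are easiest to see in a policy decision point that applies all of them to each request. The following is an added illustration, not code from the article or from any zero trust product: a toy policy engine that forces periodic re-verification (principle 1), only honours time-boxed, per-resource grants (principle 2), and isolates a device as soon as an anomaly is detected so that its existing sessions cannot be reused for lateral movement (principle 3). The resource inventory, the signal fields (MFA, managed and healthy device, an anomaly score with a 0.8 cut-off), the 5-minute session TTL and the 15-minute grant duration are all assumptions; a real deployment would source these signals from its identity provider, device management, EDR and analytics pipeline.

```python
"""Toy zero trust policy decision point (PDP).

Added illustration, not code from the original article or any product.
Resource names, signal fields, thresholds and TTLs are assumptions.
"""
from dataclasses import dataclass

# Constructed inventory: every resource is known and classified (the engine
# needs a data classification signal; a request for anything else is denied).
RESOURCES = {
    "wiki/handbook": "internal",
    "hr/payroll-db": "restricted",
    "crm/customer-pii": "restricted",
}


@dataclass
class Signals:
    """Data points gathered per request. None of them is trusted by default."""
    mfa_verified: bool    # identity proven with a second factor in this session
    device_healthy: bool  # e.g. disk encrypted, EDR running, patches current
    device_managed: bool  # device is enrolled and known to the organisation
    anomaly_score: float  # 0.0 = matches baseline, 1.0 = far from baseline


@dataclass
class Decision:
    allowed: bool
    reason: str


class PolicyEngine:
    """Policy engine and policy administrator rolled into one object."""

    ANOMALY_CUTOFF = 0.8  # assumed threshold for "deviation from baseline"

    def __init__(self, session_ttl=300):
        self.session_ttl = session_ttl   # seconds before re-verification is forced
        self.sessions = {}               # (user, device) -> last verified at
        self.grants = {}                 # (user, resource, action) -> expiry
        self.quarantined = set()         # devices isolated after a detection

    # Principle 1: a session is only the record of a recent verification; it
    # says nothing about network location and it expires on its own.
    def verify(self, user, device, now):
        self.sessions[(user, device)] = now

    # Principle 2: grants are just-in-time (time-boxed) and just-enough
    # (one resource, one action), never "member of the VPN".
    def grant(self, user, resource, action, now, duration=900):
        self.grants[(user, resource, action)] = now + duration

    # Principle 3: isolate a detected compromise and drop its live sessions so
    # the attacker cannot ride an existing connection to another asset.
    def isolate(self, device):
        self.quarantined.add(device)
        for key in [k for k in self.sessions if k[1] == device]:
            del self.sessions[key]

    def evaluate(self, user, device, resource, action, now, signals):
        """Every request goes through every check; there is no fast path."""
        if device in self.quarantined:
            return Decision(False, "device quarantined")
        if resource not in RESOURCES:
            return Decision(False, "unknown resource")
        verified_at = self.sessions.get((user, device))
        if verified_at is None or now - verified_at > self.session_ttl:
            return Decision(False, "session expired, re-verify")
        if not signals.mfa_verified:
            return Decision(False, "mfa required")
        if not signals.device_managed:
            return Decision(False, "unmanaged device")
        # Anomalies both deny this request and shrink the blast radius.
        if signals.anomaly_score >= self.ANOMALY_CUTOFF:
            self.isolate(device)
            return Decision(False, "anomalous behaviour, device isolated")
        expiry = self.grants.get((user, resource, action))
        if expiry is None or now > expiry:
            return Decision(False, "no active grant for this resource/action")
        # Data classification raises the posture bar for sensitive data.
        if RESOURCES[resource] == "restricted" and not signals.device_healthy:
            return Decision(False, "restricted data requires a healthy device")
        return Decision(True, "allowed")


if __name__ == "__main__":
    pe = PolicyEngine()
    ok = Signals(mfa_verified=True, device_healthy=True, device_managed=True,
                 anomaly_score=0.0)
    pe.verify("alice", "laptop-1", now=1000)
    pe.grant("alice", "hr/payroll-db", "read", now=1000)
    print(pe.evaluate("alice", "laptop-1", "hr/payroll-db", "read", 1010, ok))
    print(pe.evaluate("alice", "laptop-1", "hr/payroll-db", "write", 1010, ok))
    print(pe.evaluate("alice", "laptop-1", "hr/payroll-db", "read", 1400, ok))
```

Two design choices are worth noting. The checks are ordered so that the cheapest and most decisive denials (quarantine, expired session) happen before any policy lookup, and the quarantine check sits first so that a device isolated mid-session is denied even though its grants and MFA state are still intact. Nothing in the engine consults the source IP or network segment; that is the practical meaning of "never trust, always verify".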
The Pros
- Smart segmentation of data
In a Zero Trust model there is no single large pool of data that every user can reach. Micro-segmentation divides data and the workloads that hold it into small zones according to type, sensitivity and use, each with its own access policy, so that critical or sensitive data is protected separately from the rest.
- Improves data protection
Any deviation from a user’s baseline activity automatically triggers an alert, is analysed for potentially malicious intent, and access is denied until it is resolved, which reduces the scope for data exfiltration and protects data privacy.
- Increased resource access visibility
The approach requires you to inventory and classify all network resources. This gives the organization full visibility of who accesses which resources, at what time, from which location and for what purpose, and that record helps its security tooling flag unwanted behaviour.
- Supports compliance initiatives
A zero trust architecture can hide internal applications and workloads from the internet by brokering every user and workload connection through a policy enforcement point instead of exposing the service directly. That reduced exposure, together with the per-request access log it produces, makes it simpler to demonstrate compliance with privacy standards and other regulations and tends to result in fewer audit findings.
The Cons
- Configuration challenges
Because the model cannot be established with a single product, organizations may struggle to configure the tools they already use so that they work together. For instance, not all applications expose authorization that is fine-grained enough to enforce least privilege, which is at the core of the zero trust model.
- Insider threats
The Zero Trust model is not fully immune to insider attacks. If an attacker obtains a legitimate user’s credentials and can satisfy the accompanying device and MFA checks, or a malicious insider misuses privileges they legitimately hold, an organization’s critical resources can still be compromised; least privilege and anomaly detection limit the damage but do not remove the risk.
- Dependence on the policy decision point
ZTA relies heavily on a policy engine and a policy administrator (together, the policy decision point). Without their approval, no connection to an enterprise resource can be established. As a result, the availability and performance of the entire network depend on the proper configuration, maintenance and resilience of these two components: a misconfigured or unavailable policy decision point blocks legitimate users just as effectively as it blocks attackers.
Is it the way forward?
While no security strategy is perfect and data breaches will never be eliminated entirely, zero trust reduces the attack surface and limits the impact and severity of a cyberattack, which in turn reduces the time and cost of responding to and cleaning up after a breach. What sets it apart is that it authenticates and authorizes every access request at every point, rather than once at the perimeter, which makes it considerably more robust than the perimeter-based models it replaces.
Written by Khushi Jain and Ruchira Garai