Zero Trust: A practical approach to cybersecurity
July 2020 by Ajay Nawani, director sales engineering, MEA, Sophos
Trust is a dangerous word in the information technology field, especially when that trust is implicit – when it’s unqualified or unquestioned. Creating a large, sealed-off corporate network security perimeter and trusting everything inside of it has proven time and again to be a flawed design. The old “corporate network” model with static defenses is incompatible with the cloud, transient users, remote working or unknown devices. A paradigm shift is required.
Zero trust is a holistic approach to security that addresses threats and changes in how businesses work. It’s a model and a philosophy for organizations on how to think about and how to do security. The model guides you to treat all devices as if they were internet-facing and, instead of having one single perimeter, you must create many micro perimeters (or microsegments), applying checks and controls around everything and between everything. Some of the benefits of adopting a zero trust model are
Control of the entire IT estate
From inside the office all the way to the cloud platforms you use. No more lack of control outside the corporate perimeter or struggles with remote users.
Manage and secure all users in the same way
By no longer seeing things as inside or outside the corporate perimeter, you can treat all users in the same way. This both simplifies IT security while also ensuring all devices and users are treated equally.
Maintain security even when you don’t own/have full control over the infrastructure in use By using identity, location, device health, MFA, and overlaying monitoring and analysis, you’re still able to have strong security across any kind of environment, platform, or service.
Drastically reduce the movement of malware or attackers
Rather than having free rein of the entire network once they’re inside, attackers only have access to the bare minimum of systems the compromised user had access to. By continuing to distrust the authenticated user, checks will be in place between those systems, further limiting the ability to spread.
From a disease control perspective, social distancing and a complete lockdown is a concept that is extremely useful, when it’s well-implemented. It’s the same with zero trust in the cyber security world. Currently cybersecurity experts suggest trust nothing. Ever. For when you trust nothing, you are forced to seek relevant security measures wherever there is a risk. Verify everything. Do not assume that passing a check naturally affords trust. Having credentials doesn’t mean you are trustable. It just means you have credentials. And credentials can be stolen. Zero trust is the ultimate security model that will protect organizations from all kinds of cyber threats and assist in business continuity during the pandemic.
It takes a lot of technologies to secure all the resources and assets you’ll have on a network. A zero trust technology stack needs to address two major areas – the management of zero trust, and the security and control of your various resources and assets.
Management is broken into three sub-areas:
• Automation and orchestration – for defining dynamic policies, coordinating all the different technologies, and putting everything into place
• Visibility and analytics – for maintaining oversight of the network and ensuring everything is working as well as identify threats and breaches if or when they occur
• APIs – for integrating your various technologies together, getting data out of one system and into another
Resources and assets are broken down into five sub-areas:
• People – the users, admins, etc. who work for or with your business
• Data – the lifeblood of all organizations and perhaps the most important asset to secure
• Devices – the servers, laptops, virtual machines, etc. you use to conduct your business
• Workloads – the services and apps you use to process data, perform calculations, generate reports, etc Networks – the communication channels over which data flows, web, email, Wi-Fi, the internet, and so on
As it stands, Zero trust - is the future of the cybersecurity space. Currently very few organizations are able to readily embrace it. However, as security perimeters continually erode, the need for adoption will become increasingly prevalent. Cybercriminals are only getting more innovative and defences are struggling to keep up with this. The zero trust model represents a way to truly minimize threats all the while setting new standards in cybersecurity protocol.