The concept of Zero Trust assumes all users and devices – whether it is inside or outside the corporate network – are untrustworthy. According to the U.S. National Institute of Standard and Technology (NIST)’s definition*:
Zero Trust (ZT) provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.
Zero Trust Architecture (ZTA) is an enterprise’s cybersecurity plan that utilizes zero trust concepts and encompasses component relationships, workflow planning, and access policies.
A Zero Trust Enterprise, therefore, is the network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as product of a zero trust architecture plan.
As today’s organizations are challenged with protecting an increasingly complex infrastructure, embracing mobile workforces, and enabling cloud migration, interest in Zero Trust has grown tremendously. A 2019 IDG survey** found that 21% of organizations have already adopted a Zero Trust model and 63% plan to do so over the next 12 months. In this blog post, we will discuss eight principles for you to consider when enabling a Zero Trust Architecture in your organization.
Users can have multiple devices and access enterprise resources from a variety of networks and apps. Almost all these resources require authentication, making identity a common denominator across all access requests, whether from a personal device on a public Wi-Fi network or a corporate device inside the network perimeter. Using identity as the control plane lets companies treat every single access request as untrusted until the user, device, and other factors are fully vetted
This means each resource and component of your architecture must be mapped throughout the computing services and data assessed. This includes all users, devices, services and data sources that access or traverse your network.
Uniquely identify, manage, and patch devices owned by your organization in order to foster secure asset management and vibrant visibility into the services and data the devices access. When connecting to resources or services provided by your organization, devices that are discovered to be compromised, have known vulnerabilities, and not managed by your organization may be treated in a different manner than those devices owned, managed, and secured by your organization. Within a bring your own device (BYOD) model, the security confidence and trust of the personal device is much lower. A personal device may only be allowed to access some resources and services, but not others.
It is a best practice to not trust any network between the device and the service it is accessing. This includes your local company network. Assume that you have a malicious actor or device on your internal network. Incorporate policies and a network design that support communication in the most secure manner available through the authentication of all connections and the encryption of all network traffic.
From within a single directory or identity service, enable granular access controls and create specific roles for each user. Ensure the directory or identity service can also be utilized by all resources, services and data – both internal and external to your organization.
Systems and services, both internal and external to your organization, may be available for access directly over the internet, so the authentication of user requests requires a much stronger mechanism as opposed to the use of a simple username and password combination. A zero trust model requires the use of multi-factor authentication (MFA) and continuous monitoring with possible reauthentication and reauthorization throughout user interaction. This is defined and enforced by policy that attempts to attain a blended balance of security, availability, usability and funding.
Control access requests to your services and data resources with policies. Resource access and action permissions policies can vary based on the sensitivity of the resource/data. A least privilege principle should be applied in order to limit both visibility and accessibility while protecting your data in transit with encryptions.
On any given day, most devices and services are exposed to network attack. An organization should monitor and collect device logs and network traffic data to ensure availability and performance. An organization should also analyze the collected data to identify rogue devices and malicious activities. The collected data and analytics can serve to help you improve security policy creation and enforcement.
A Zero Trust model is not easy to achieve. For most organizations, a phased approach that targets specific areas based on your maturity level, resources and priorities will be more effective. An IT Risk Assessment can assess your cybersecurity posture to determine where your organization is and how to move to the next stage. Contact us today to schedule your IT Risk Assessment.
* NIST Special Publication 800-207 “Zero Trust Architecture”, Chapter 2 – Zero Trust Basics, page 4**IDG Explorer survey, May 2019