When a ransomware attack forced Colonial Pipeline, operator of one of the largest fuel pipelines in the United States, to halt operations in May 2021, it prompted a rapid push to modernize and strengthen cybersecurity for critical infrastructure across the nation.
As attacks of this kind become more frequent and more severe, a question arises: do most organizations' security architectures extend too much implicit trust? And should IT teams adopt a zero trust architecture to prevent such lapses in the future?
What Does Zero Trust Mean?
Zero trust is a security architecture that secures individual assets and data rather than a network perimeter. It rests on verifying identity and controlling access to each resource. The approach is also called zero trust architecture (ZTA) or perimeter-less security; zero trust network access (ZTNA) is a narrower product category that applies the same principles to remote access to applications.
First articulated in 2010 by John Kindervag, then an analyst at Forrester Research, zero trust architecture is the framework for turning those principles into organizational IT policy. Simply put, zero trust treats the network as already compromised and removes implicit trust from it: no user, device or connection is trusted because of where it sits on the network, a stance summarized as "Never trust, always verify."
Zero Trust Definition
The foundations of zero trust models stem from years of federal government research in cybersecurity and enterprise infrastructure. The National Institute of Standards and Technology (NIST) published Special Publication 800-207, Zero Trust Architecture, in August 2020 (following a 2019 draft) to set out a definitive description of the model.
The publication's operative definition of zero trust and zero trust architecture is as follows:
Zero trust (ZT) provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised. Zero trust architecture (ZTA) is an enterprise’s cybersecurity plan that utilizes zero trust concepts and encompasses component relationships, workflow planning, and access policies. Therefore, a zero trust enterprise is the network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as a product of a zero trust architecture plan.
Why is Zero Trust Important?
Historically, organizations used a perimeter-based security model that helped them defend against cyber threats outside their corporate network. Layered network defenses have been the traditional approach to security for decades.
Network-centric methods relied heavily on network appliances, such as firewalls, intrusion prevention systems (IPS) and intrusion detection systems (IDS), to inspect and control north-south traffic at the boundary. Once inside the corporate network, trust was implicit: any host that could reach a resource was largely assumed to be allowed to use it.
This security model introduced significant blind spots once organizations began to adopt cloud services and employees, contractors, and partners needed to reach corporate resources from outside the corporate network.
Today, almost all enterprises use cloud services. In the U.S. alone, organizations expect that 60% of their workforce will be remote workers, and 87% of businesses depend on employees' ability to access business information on their mobile devices.
Although it was once unthinkable, many resources and services are now accessible outside the corporate network and hosted in the cloud. But this also means they’re outside the security boundary that a perimeter-based security model can protect.
Whereas legacy perimeter-based security models are focused on defending against threats coming from outside the network, zero trust acknowledges that threats exist both inside and outside the network.
By successfully adopting zero trust, organizations can make risk-based access decisions and apply least privilege to every access request. That is why many organizations are looking to move from their legacy perimeter to a zero trust security model.
Core Principles of the Zero Trust Model
The core principles of a zero trust model are generally defined as follows (adapted from the zero trust architecture design principles of the UK's National Cyber Security Centre, NCSC).
1. Creating Single, Strong User Identities and Single, Strong Device Identities
Each user and each device should have a single, unique identity that can be verified on every request. Users should hold credentials tied to clearly defined roles so that access privileges can be granted and revoked precisely.
The NCSC recommends a single user directory, or synchronized directories, that records every user and their role within the organization.
2. Always Authenticate Access, Anywhere in a Network
All available signals about the user, the device and the request should feed the authentication decision, such as physical location and the type and state of the device being used. Multi-factor authentication is essential in a zero trust architecture, especially for access to sensitive or privileged data.
3. Know All Architecture
Security teams should know their whole architecture, including users, devices, services and data, and monitor its health. Knowing who and which devices are part of the network is as important as knowing what data and assets are stored in the digital environment.
Monitoring device health helps confirm that devices comply with organizational security policy and gives confidence that a device is trustworthy and unlikely to be compromised.
Services and applications should also be monitored to apply proper security upgrades and maintenance when needed.
4. Use Policies to Authorize Requests
Set policies based on the value of the data or service being accessed. Access should be granted at the least-privileged level, so that a user or device can connect to and use only what is needed at a given time to perform a specific role.
5. Never Trust the Network
In a ZTA, access is controlled per resource and the network itself is never trusted, including the local network. The access policies described above should be designed and implemented according to the zero trust technologies available and the organization's needs.
Access should only be granted when the conditions of the organization’s policies are met.
6. Always Use Services Designed for Zero Trust
Services not designed for zero trust leave too much room for security gaps and user error. In a zero trust network, every service and device should be presumed a potential threat until it has been verified.
Choosing services and technologies built with the NIST SP 800-207 concepts in mind, such as support for strong, standards-based authentication and per-request policy enforcement, gives confidence that the service can be integrated into the architecture.
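The six principles above come together at a single point: the per-request access decision. The following is an added example, not code from the original article or from SentinelOne, of a minimal policy decision point that evaluates one request at a time. It assumes a hypothetical directory (USERS), device inventory (DEVICES) and policy set (POLICIES), all constructed sample data; the resource names, roles and addresses are illustrative. Note that the source network is logged but never used to grant anything, and that every failure path is a deny.

```python
# Added example (not from the original article or SentinelOne): a minimal
# policy decision point that evaluates one access request at a time.
# Users, devices, policies and requests are constructed sample data.
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# Single strong identity per user, with roles (principle 1).
USERS = {
    "alice": {"roles": {"finance"}},
    "bob": {"roles": {"engineering"}},
}
# Single strong identity per device, bound to an owner, with health (principle 3).
DEVICES = {
    "lt-alice-01": {"owner": "alice", "compliant": True},
    "lt-bob-07": {"owner": "bob", "compliant": False},
}
# Per-resource policies: which roles may take which actions (least privilege,
# principle 4) and the conditions every request must meet.
POLICIES = {
    "payroll-db": {"allow": {"finance": {"read"}},
                   "require_mfa": True, "require_compliant_device": True},
    "wiki": {"allow": {"finance": {"read", "write"}, "engineering": {"read", "write"}},
             "require_mfa": True, "require_compliant_device": False},
}
# The corporate LAN. Recorded in the decision log only; it never grants
# anything (principle 5: never trust the network, including your own).
CORP_LAN = ip_network("10.0.0.0/8")


@dataclass
class Request:
    user: str
    device: str
    resource: str
    action: str
    mfa_verified: bool
    source_ip: str


@dataclass
class Decision:
    allowed: bool = False
    reasons: list = field(default_factory=list)


def decide(req: Request) -> Decision:
    """Evaluate one request from scratch; anything not explicitly allowed is denied."""
    d = Decision()
    policy = POLICIES.get(req.resource)
    user = USERS.get(req.user)
    device = DEVICES.get(req.device)

    # Default deny: unknown resource, user or device, or a device not bound to the user.
    if policy is None:
        d.reasons.append("unknown resource")
        return d
    if user is None:
        d.reasons.append("unknown user identity")
        return d
    if device is None or device["owner"] != req.user:
        d.reasons.append("unknown device or device not bound to user")
        return d

    # Network location is logged but deliberately carries no weight.
    d.reasons.append(f"on corporate LAN={ip_address(req.source_ip) in CORP_LAN} (ignored)")

    # Authenticate everywhere (principle 2): MFA is required regardless of location.
    if policy["require_mfa"] and not req.mfa_verified:
        d.reasons.append("MFA required but not verified")
        return d

    # Device health gates sensitive resources (principle 3).
    if policy["require_compliant_device"] and not device["compliant"]:
        d.reasons.append("device not compliant with security policy")
        return d

    # Least privilege (principle 4): the action must be explicitly granted to a role.
    permitted = set().union(*(policy["allow"].get(r, set()) for r in user["roles"]))
    if req.action not in permitted:
        d.reasons.append(f"action '{req.action}' not granted to roles {sorted(user['roles'])}")
        return d

    d.allowed = True
    d.reasons.append(f"granted '{req.action}' on {req.resource}")
    return d


if __name__ == "__main__":
    samples = [
        Request("alice", "lt-alice-01", "payroll-db", "read", True, "10.1.2.3"),
        Request("alice", "lt-alice-01", "payroll-db", "write", True, "10.1.2.3"),
        Request("bob", "lt-bob-07", "payroll-db", "read", True, "10.1.2.4"),
        Request("bob", "lt-bob-07", "wiki", "write", False, "203.0.113.9"),
        Request("bob", "lt-bob-07", "wiki", "write", True, "203.0.113.9"),
    ]
    for s in samples:
        out = decide(s)
        print(f"{s.user:6} {s.resource:10} {s.action:5} -> {'ALLOW' if out.allowed else 'DENY'} {out.reasons}")
```

The third sample request comes from inside the corporate LAN and still fails, because the device is non-compliant; the location signal appears in the reasons only so an analyst can see it was considered and disregarded. A production policy engine would pull the same signals from an identity provider and an endpoint management or EDR feed rather than from in-memory dictionaries.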
What is Zero Trust Architecture?
Zero trust architecture is any system or network design built around zero trust principles: per-request verification, least-privilege access, and no implicit trust in the network.
As workloads and users continue to move to cloud services, ZTA has become more important than ever.
Why Does Zero Trust Architecture Matter?
Zero trust architecture concepts grow more important as modern organizations realize the need for an approach to cybersecurity that can respond to the complexities of large networks with increasingly off-site or cloud-based data and services.
Attackers continuously develop more sophisticated techniques for breaching servers and networks, and these call for a dynamic, active defense. By eliminating implicit trust in users and devices, zero trust security limits what a compromised account or device can reach and so reduces the impact of any single breach.
Zero Trust Architecture Diagram
Benefits of Choosing a Zero Trust Architecture
Zero trust's emphasis on identifying and classifying individual assets and data gives organizations better visibility into their resources and how they are accessed. Knowing how, when, and where a network is being accessed and used allows for a faster response to any issues or potential security breaches.
The initial point of entry is rarely the attacker's objective; it is just where access is gained. Most intruders then move laterally through the environment to reach the most sensitive information, which is why limiting lateral movement is crucial to keeping a system secure.
Segmentation of resources within a zero trust model is a major benefit because, if one segment is breached, the rest of the network remains protected: lateral movement meets the same verification at every boundary. This is at the core of why zero trust matters among the available security models.
Verifying both user and device credentials also protects against risks such as unmanaged or misconfigured devices connecting to cloud services. Consolidating identities into a single directory, as zero trust identity models require, can also streamline authentication and simplify identity management.
Challenges in Zero Trust
Zero trust architectures have internal and external challenges to consider.
Proper implementation can be time-consuming and costly, and may affect productivity if access to network resources is limited too aggressively. Legacy systems may lack infrastructure compatible with zero trust architecture, requiring upgrades or a complete redesign. Integrating zero trust with third-party technologies can also pose problems without proper preparation.
The continuous maintenance and monitoring requirements of the zero trust model can also be a large commitment. Access permissions should be kept up-to-date and continuously validated, which can be challenging with recent increases in remote or hybrid workforces and reliance on third-party applications.
Malicious actors may still be able to obtain credentials or misuse privileges within a system if there is any lapse in monitoring or authentication protocols. Securing information across a wider range of users and devices may mean having to implement and integrate multiple complex use policies specific to the needs and protocols of each group.
These challenges can be mitigated with the right support systems and policies, and the benefits of implementation outweigh the potential limitations.
How to Implement a Zero Trust Model
It’s important to acknowledge that moving to a zero trust security model can take time.
The following steps help organizations understand where they are starting from and what the long-term objectives are before implementation:
1. Define the Data or Services That Need Protection
Zero trust models protect a defined "protect surface". Define its scope by determining which assets are most important or at greatest risk if attacked or compromised. Achieving zero trust means investing considerable time and effort in this identification stage.
Organizations should know who has high-level access to their network so that access controls can be maintained.
Data could be user information or financial details, or services such as DNS.
2. Map Transaction Flows
Transaction flows describe how information moves across a network: which users, devices and services talk to which protected assets, over which ports and protocols. Mapping these flows and connections helps identify vulnerabilities and shows where to enforce controls to protect information.
3. Design the Zero Trust Architecture Itself
After defining the protected surface and mapping transaction flows, the next step is designing the actual architecture. This has its own four-stage process.
- Identify users and devices, including IoT devices, and determine who and what regularly accesses the network.
- Set up controls that manage access between the protected assets and everything else; dividing the network into small, policy-enforced zones in this way is called microsegmentation. Next-generation firewalls are commonly used to enforce it, though host-based or cloud-native controls can serve the same role.
- Continually monitor access. This monitoring ensures security teams know which controls are working properly, and which need improving.
- Make the network secure for remote access. This may involve increased identification features or monitoring.
4. Outline the Policies of Use
These policies control access to and across the network and should be based on the who, what, when, where, why, how principles. Outline how devices and applications can be used and how their credentials are verified.
As a general rule, provide just enough access: the fewer accounts and privileges in operation, the less there is to monitor.
Security teams should know who can access what, and never allow anyone default access to any part of the system. This lack of default access can become one of the main benefits of zero trust.
5. Monitor and Maintain the Network
This is an ongoing process, and updates may be needed regularly to ensure the network remains compliant to the zero trust model.
6. Implement the Zero Trust Model Beyond the Network
A final tip is to adopt the zero trust mentality beyond network design itself. Zero trust is an outlook that should be shared with employees to achieve the best results.
This helps them be mindful when accessing the network and makes the job of monitoring it far easier. It can also help them adapt to new ways of working under the zero trust model with the least friction.
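Steps 1 through 3 and step 5 of the procedure above can be exercised end to end on flow data. The following is an added example, not code from the original article or from SentinelOne: it takes a hypothetical protect surface (PROTECT_SURFACE), maps transaction flows to it from constructed NetFlow-like records (FLOW_LOG), derives an explicit allow-list plus a per-asset default deny, and checks new flows against the result. Addresses, ports and the set of sanctioned services (APPROVED_SERVICES) are all assumptions for illustration. The generalization it shows beyond the text is that an observed flow is not automatically a sanctioned one: traffic to an unsanctioned port on a protected asset is surfaced for review rather than allowed.

```python
# Added example (not from the original article or SentinelOne): mapping
# transaction flows around a protect surface and deriving a default-deny
# microsegmentation allow-list from them. Asset addresses and the flow
# records below are constructed sample data in a NetFlow-like text form.
from collections import defaultdict

# Step 1: the protect surface, the assets identified as needing protection.
PROTECT_SURFACE = {
    "payroll-db": {"10.20.0.5"},
    "dns": {"10.0.0.53"},
}

# Step 2 input, constructed: "src_ip dst_ip dst_port proto bytes" per line.
# Real sources would be VPC flow logs, NetFlow/IPFIX or firewall logs.
FLOW_LOG = """\
10.10.1.21 10.20.0.5 5432 tcp 18200
10.10.1.21 10.20.0.5 5432 tcp 20010
10.10.1.22 10.20.0.5 5432 tcp 9000
10.10.1.21 10.0.0.53 53 udp 120
10.10.9.77 10.0.0.53 53 udp 100
10.10.9.77 10.20.0.5 22 tcp 4400
10.10.1.21 198.51.100.7 443 tcp 70000
"""

# Services the asset owner has sanctioned (assumed); observed traffic to
# anything else on a protected asset is flagged for review, not allowed.
APPROVED_SERVICES = {("payroll-db", 5432, "tcp"), ("dns", 53, "udp")}


def parse_flows(text):
    """Parse the constructed flow format into (src, dst, port, proto, bytes) tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        src, dst, port, proto, nbytes = line.split()
        flows.append((src, dst, int(port), proto, int(nbytes)))
    return flows


def map_transaction_flows(flows, protect_surface):
    """Step 2: {asset: {(src, port, proto): total_bytes}} for flows reaching protected assets."""
    ip_to_asset = {ip: name for name, ips in protect_surface.items() for ip in ips}
    by_asset = defaultdict(lambda: defaultdict(int))
    for src, dst, port, proto, nbytes in flows:
        asset = ip_to_asset.get(dst)
        if asset is None:
            continue  # destination is outside the protect surface
        by_asset[asset][(src, port, proto)] += nbytes
    return {asset: dict(v) for asset, v in by_asset.items()}


def build_allow_list(flow_map, approved):
    """Step 3: explicit allow rules for sanctioned flows, then a per-asset default deny.

    'We observed it' is not a reason to trust it, so observed flows to
    unsanctioned services are returned separately for review.
    """
    rules, review = [], []
    for asset, observed in sorted(flow_map.items()):
        for (src, port, proto), nbytes in sorted(observed.items()):
            rule = {"src": src, "asset": asset, "port": port, "proto": proto}
            if (asset, port, proto) in approved:
                rules.append({**rule, "action": "allow"})
            else:
                review.append({**rule, "bytes": nbytes})
    for asset in sorted(flow_map):
        rules.append({"src": "any", "asset": asset, "port": "any", "proto": "any", "action": "deny"})
    return rules, review


def is_permitted(rules, src, asset, port, proto):
    """Step 5: evaluate a new flow against the rules; first match wins, no match means deny."""
    for r in rules:
        if r["asset"] != asset:
            continue
        if r["src"] in ("any", src) and r["port"] in ("any", port) and r["proto"] in ("any", proto):
            return r["action"] == "allow"
    return False


if __name__ == "__main__":
    flow_map = map_transaction_flows(parse_flows(FLOW_LOG), PROTECT_SURFACE)
    rules, review = build_allow_list(flow_map, APPROVED_SERVICES)
    for r in rules:
        print("rule  ", r)
    for f in review:
        print("review", f)  # the SSH flow to payroll-db needs a decision before it is allowed
    print(is_permitted(rules, "10.10.1.21", "payroll-db", 5432, "tcp"))  # True
    print(is_permitted(rules, "10.10.9.77", "payroll-db", 22, "tcp"))    # False
```

The flow to 198.51.100.7 is dropped from the map because it does not touch the protect surface; the SSH flow from 10.10.9.77 to the payroll database is the kind of finding the mapping step exists to surface, and it stays denied until someone decides it belongs in APPROVED_SERVICES. Rule ordering matters: the per-asset deny rules are appended last so that first-match evaluation reaches the explicit allows first.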
How SentinelOne Can Help
With the current trend of remote working and reliance on the cloud, zero trust has become more challenging than ever to implement. Practical working conditions have to be balanced against zero trust principles when designing a solution.
To achieve zero trust, every edge of the network must be secured. SentinelOne’s zero trust integrations dynamically validate device health and security posture prior to connecting to corporate networks and sensitive data.
The SentinelOne Singularity ecosystem is expanding rapidly with joint solutions also available for sandboxing, threat intelligence, SIEM, CASB, and workflow automation. Integrations are available with no-code automation, providing collaborative defense-in-depth, streamlined operations and workflows, and unified cross-system response capabilities.