What does Zero Trust Architecture stand for?

This article is about Zero Trust Architecture concept.

Barış Arıkan
DataBulls



Never Trust, Always Verify

A relatively new concept entered the world of cyber security not long ago. In this article, I will briefly share an overview of the subject. Zero Trust Architecture (ZTA) is a concept that proposes that no implicit trust is granted to user accounts or assets based solely on their network or physical location, or on who owns the asset.

Principles of Zero Trust

There is no implicit trust granted to anyone simply because they happen to have access to the network or physical location. At the core of ZTA is the elimination of unauthorized data and services access and making access control as granular as possible. NIST has outlined several conceptual principles related to the design and execution of ZTA.

  • All data and computing devices shall be considered as resources. For instance, if an employee’s smartphone can access enterprise data, it should be classified as a resource.
  • Communication must be secured regardless of the location of the network. Whether the requests are originating from inside or outside the network, identical security levels must be maintained. All communication must be authenticated and encrypted.
  • Individual enterprise resource access should be provided per request. Authentication to a single resource doesn’t automatically grant access to other resources.
  • Resource access should be governed by a dynamic policy that considers the observable state of the user identity and of the requesting system, along with other behavioral attributes.
  • Businesses must ensure that all of their owned and associated systems are kept in the most secure state possible through constant monitoring. Patches and fixes should be applied promptly to remove vulnerabilities.
  • User authentication must be strictly enforced before access is granted, and it must be an iterative process rather than a one-time check.

Zero Trust Architecture Approaches

An organization can choose from a variety of ways to apply ZTA to its workflows. The policies and components may differ from organization to organization, depending on business objectives and culture. Despite these differences, every approach must comply with all of the principles of Zero Trust. That said, an organization may place more emphasis on one or a few principles as the primary drivers of its security policy. The following is an overview of those options.

Source: https://www.privacyaffairs.com/zero-trust-network/

ZTA with Enhanced Identity Governance

This approach makes the identity of actors the central component of policymaking. The terms and conditions for access to enterprise resources are defined based on identity and assigned attributes; the primary requirement for a subject to reach a resource is the access privileges granted to that identity.

ZTA with Micro-Segmentation

In this approach, enterprises deploy ZTA by placing individual resources or groups of resources on a separate network segment protected by a gateway. The organization relies on infrastructure devices such as routers, switches, and next-generation firewalls to act as policy enforcement points (PEPs), which safeguard each resource or group of resources. The same enforcement can also be provided by software agents on the hosts.

ZTA with Network Infrastructure and Software Specified Perimeters

In this approach, the enterprise implements ZTA by deploying an overlay network, usually at layer 7, although lower layers of the OSI stack can also be used. This approach is also called a software-defined perimeter (SDP), since such deployments often draw on ideas from software-defined networking (SDN).

Why adopt a zero-trust security model?

Today’s cloud environments can be attractive targets for cybercriminals aiming to steal, destroy, or ransom business-critical and sensitive data, such as personally identifiable information (PII), intellectual property (IP), and financial information.

While no security strategy is perfect and data breaches will never be eliminated entirely, zero trust is among today's most effective strategies. Zero trust reduces the attack surface and mitigates the impact and severity of cyberattacks, which in turn reduces the time and cost of responding to and cleaning up after a breach.


Benefits of zero trust

1. Reduce business and organizational risk

Zero trust solutions stop all applications and services from communicating until they are verified by their identity attributes: immutable properties that satisfy predefined trust principles, such as authentication and authorization requirements.

Zero trust, therefore, reduces risk because it uncovers what’s on the network and how those assets are communicating. As baselines are established, a zero-trust strategy further reduces risk by eliminating overprovisioned software and services as well as continuously checking the “credentials” of every communicating asset.

2. Gain access control over cloud and container environments

Access management and loss of visibility are security practitioners' greatest fears about moving to the cloud. Despite enhancements in cloud service provider (CSP) security, workload security remains a shared responsibility between your organization and the CSP. That said, there is only so much you can control inside the CSP's cloud.

With a zero-trust security architecture, security policies are applied based on the identity of communicating workloads and tied directly to the workloads themselves. This keeps security as close as possible to the assets that need protection, unaffected by network constructs like IP addresses, ports, and protocols. Protection travels with the workload and remains constant even as the environment changes.

3. Reduce the risk of a data breach

Following the principle of least privilege, every entity is assumed hostile. Every request is inspected, users and devices are authenticated, and permissions are assessed before “trust” is granted. This “trust” is then continually reassessed as context changes, such as the user’s location or the data being accessed.

Without trust, an attacker who gets inside your network or cloud instance through a compromised device or other vulnerability won’t be able to access or steal your data. Moreover, because the zero trust model creates a “secure segment of one” with no way to move laterally, the attacker will have nowhere to go.
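The per-request evaluation that the principles above and this section describe, as an added example that is not code from the original article: a small policy decision point in the NIST SP 800-207 sense, written in Python. The policy table, role names, MFA thresholds and device attributes are constructed for illustration; the decision is recomputed for every request, and the requester's network location is recorded but never used to grant trust.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Device:
    device_id: str
    managed: bool   # enrolled in enterprise device management
    patched: bool   # current on required patches (constant monitoring)

@dataclass(frozen=True)
class Request:
    user: str
    roles: frozenset
    mfa_age_s: int      # seconds since the last successful MFA proof
    device: Device
    src_network: str    # "corp_lan", "vpn" or "internet": recorded, never trusted
    resource: str
    action: str

# Constructed policy table (not from any product): per-resource requirements.
POLICY = {
    "hr-db": {"roles": {"hr"}, "actions": {"read", "write"},
              "max_mfa_age_s": 900, "managed_only": True},
    "wiki":  {"roles": {"employee"}, "actions": {"read"},
              "max_mfa_age_s": 86400, "managed_only": False},
}

def decide(req: Request) -> tuple[bool, str]:
    """Evaluate one request. Returns (allowed, reason). Default is deny."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, "unknown resource: default deny"
    # Access is granted per resource and per action; roles come from identity.
    if not (req.roles & rule["roles"]):
        return False, "role not permitted for resource"
    if req.action not in rule["actions"]:
        return False, "action not permitted for resource"
    # Authentication is iterative: a stale MFA proof does not carry over.
    if req.mfa_age_s > rule["max_mfa_age_s"]:
        return False, "re-authentication required"
    # Device state is part of the policy, not just the user's identity.
    if rule["managed_only"] and not req.device.managed:
        return False, "unmanaged device"
    if not req.device.patched:
        return False, "device out of compliance"
    # req.src_network is deliberately never consulted: the corporate LAN
    # grants no implicit trust, and the internet carries no extra penalty.
    return True, "allowed"

def reevaluate(req: Request, **changed) -> tuple[bool, str]:
    """Continuous evaluation: re-run the decision when context changes
    mid-session (e.g. the device falls out of compliance, or MFA ages)."""
    return decide(replace(req, **changed))
```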

4. Support compliance initiatives

Zero trust shields all user and workload connections from the internet, so they are not exposed to discovery or exploitation from outside. This invisibility makes it easier to demonstrate compliance with privacy standards and regulations (e.g., PCI DSS, NIST 800-207) and results in fewer findings during audits.

Implementing zero trust micro-segmentation enables you to create perimeters around certain types of sensitive data (e.g., payment card data, data backups) using fine-grained controls to separate regulated and non-regulated data. During audits, or in the event of a data breach, micro-segmentation provides superior visibility and control compared to the overprivileged access of many flat network architectures.

How to get started with zero trust

When designing a zero-trust architecture, security and IT teams need to focus on business concepts: What are we trying to protect? From whom? It’s important to recognize that a zero-trust architecture underpins the entire security solution. Technologies and processes are layered on top of the strategy, not the other way around.

Resources:
