Cybersecurity threats have evolved to such a dangerous degree that they can target systems in a sophisticated manner such as setting up disguises as trusted logins or devices that the targeted security system is familiar with.
These types of threats have given rise to stricter, more stringent security measures, one of which is the Zero Trust model.
Definition
Zero Trust is a security model based on the belief that an enterprise or organization should not automatically trust anything or anyone in accessing their data, whether externally or even internally. Instead, it encourages them to be constantly vigilant and verify all requests for access to their systems, ensuring veracity before such access is to be granted.
This also means this model never assumes that everything and everyone even within the organization does not pose a threat just because it is already part of the organization. As such, everyone undergoes the same stringent security measures every time they seek access to the enterprise’s assets to ensure the protection of these assets and lessen the chances of attacks, especially from within. This also better ensures that users only access the resources relevant or needed in relation to their roles or functions and prevent possible breaches that may result from unintended access.
Principles of the Model
Zero Trust seeks to address three key principles based on the NIST standard that has defined this particular model:
Continuous verification - Constant verification of access at all times for all resources.
Limiting the “blast radius” - Minimizing the impact in the event of a breach, whether external or internal.
Automation of context collection and response - Behavioral data is imported and context is acquired from the entire IT stack (identity, endpoint, workload, etc..) for the most accurate response.
The enforcement of Zero Trust policies relies heavily on real-time visibility into hundreds of user and application identity attributes.
Who Needs to Have a Zero Trust System?
While any organization can benefit from Zero Trust, it is especially crucial if the organization is required to protect an infrastructure deployment model that includes:
Multi-cloud, hybrid, multi-identity systems
Unmanaged devices
Legacy systems
SaaS apps
Technology and Process
Zero Trust employs a variety of tools and processes the verify user identity and it would depend on the enterprise’s security administrator as to the tools and processes to use. Multifactor authentication, analytics, and encryption are some of the technologies being employed for this model. Because of this, there is no need to deploy special hardware or software to implement Zero Trust other than a realignment of access policies such that it conforms to the model.
But as noted previously, Zero Trust is not just about utilizing these individual technologies, but how they help enforce the idea that no one and nothing has access until they have proven their trust to access the enterprise’s resources.
The implementation itself involves three stages as follows:
Stage 1: Visualize – understand all of the resources, their access points, and visualize the risks involved
Stage 2: Mitigate – detect and stop threats or mitigate the impact of the breach in case a threat cannot be immediately stopped
Stage 3: Optimize – extend protection to every aspect of the IT infrastructure and all resources regardless of location while optimizing the user experience for end-users, IT, and security teams
Implementation
While the Zero Trust model has shown to be an effective model in improving security, it is also one that is not easy to set up, especially if there are legacy systems that do not transition well to the model. There is also the matter of changing the mindset of the people in the organization who may think such a model is unnecessary, if not ”draconian”, because of their long-held beliefs that firewalls are enough to deter cybercriminals.
Because of these factors, it is important that organizations that are intent on implementing the Zero Trust model should do so as part of their overall digital transformation strategy rather than a standalone endeavor so it can be implemented more effectively within the organization from the ground up while ensuring that the environment will be more conducive and future-proof for the model to work.
コメント