Zero Trust: Let's Get Started...
Organizations are increasingly moving from a perimeter security model to a Zero Trust model. In perimeter security, one builds walls around the network and stops the enemy at the gates; whatever is already inside the walls is implicitly trusted, which is why one compromised laptop or stolen credential is enough for an attacker to move laterally. This model is also becoming harder to apply because of the changing dynamics of work: hybrid work, WFH, hybrid cloud, SaaS applications, IoT devices and so on. Defining the perimeter gets more complex as each new scenario is added.
So, what is Zero Trust actually?
To start with, Zero Trust is not a product or service that one can buy off the shelf. It is also not something that can be achieved just by deploying a new technology.
In a nutshell, Zero Trust is a security strategy. It rests on three principles:
· Never trust, always verify: every request is authenticated and authorized explicitly, using all available data points (identity, location, device health and so on), regardless of whether it originates inside or outside the corporate network.
· Least-privilege access: just-in-time (JIT) access, just-enough access (JEA) and risk-based adaptive policies, so that standing, broad permissions are minimized.
· Assume breach: micro-segment to limit the blast radius, verify end-to-end encryption, and use threat detection tools to monitor continuously, inside the network as well as at its edge.
These principles create a foundation on which Zero Trust Architecture is built.
By definition, a Zero Trust Architecture (ZTA) is one that supports the organization's mission while maintaining confidentiality, integrity and availability (CIA) requirements by following the Zero Trust principles above.
The eight pillars of Zero Trust security represent the focus areas for implementing a Zero Trust environment:
1. Identity security: focuses on authentication and access control policies that identify and validate the users (and service identities) requesting access to resources. RBAC (Role Based Access Control) and ABAC (Attribute Based Access Control) are then applied to decide what an authenticated identity is authorized to do.
2. Endpoint security: validates the health and posture of devices trying to connect, including user-controlled devices as well as IoT devices.
3. Application security: covers application and workload security for on-prem and cloud-based services.
4. Data security: covers data classification, storage and management strategy. The focus is on securing data and enforcing access to it wherever it resides.
5. Visibility, monitoring and analytics: visibility into all security processes, access control, segmentation, encryption and network monitoring, and the insights derived from them.
6. Automation: critical to strengthening the security posture. This typically covers automation of routine tasks such as provisioning, access reviews and recertification.
7. Infrastructure security: ensures that workloads (servers, VMs, containers) are secured against unauthorized access.
8. Network security: micro-segmentation, network access control and end-to-end encrypted traffic.
For any organization, implementing ZTA is a phased approach that targets prioritized areas based on its current Zero Trust maturity level. Various assessment tools (from Microsoft, Okta etc.) are available to check your current security posture. In the next articles, we will focus more on the assessment and on approaches to implementing ZTA.
Thanks,
Amol
I agree that ZTA is a strategy to secure an organization, and essential to a business given all the changing dynamics that you mentioned, Amol. Very well explained. Looking forward to the next article on this subject.
Very good information.
Excellent information Amol