Zero Trust as it should be
Zero trust solutions have been all the rage over the past few years as companies and government agencies search for a better methodology to secure their data against ever-increasing data breaches, many of which center around remote users needing access to do their jobs or to get the information they need.
The zero-trust authentication model has been around a while, but as more organizations move to the cloud to embrace remote workers and BYOD, IT and security teams can't assume that users accessing the network are who they say they are. In my opinion, the best way to achieve a zero-trust architecture is to separate authentication from access, and insert a firewall in between. Even if they are real users, IT/security cannot be sure that their devices are secure. This is how zero trust works best: never trust, always verify. Allow access inside your perimeter and authenticate outside your perimeter.
A zero-trust architecture is often made up of more than half a dozen different services, including components such as continuous diagnostics and mitigation systems, security information and event management platforms and identity management systems. With each added service, IT/security can get more granular not only with policy enforcement but also with what each user will have access to once inside the perimeter. This controls lateral movement once inside the perimeter and allows IT/security to continuously monitor logged-in users to ensure endpoints remain secure, which has been a huge problem of late with the network intrusions and breaches we have all read about.
Contextual and continuous zero-trust authentication is the foundational component of a zero-trust architecture. Companies and agencies can no longer presume that someone who logged into an account with the correct password alone is a legitimate user. They cannot trust devices just because they are on a corporate network, either. Initially, user account security focused on multi-factor authentication. Contextual authentication collects additional factors such as location, device ID and time of day when an employee logs into an application or endpoint. The system then assesses this information and compares it to existing data on logins before access is approved. Continuous authentication is also a big component of zero trust. It does what its name suggests: it constantly re-evaluates the system's confidence that users are who they say they are and that their endpoints remain valid. All this validation is accomplished before access is granted!
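To make the contextual and continuous checks concrete, here is an added example (not code from the original post) of a minimal policy engine: each login attempt is scored against the user's own history of approved logins (device ID, country, hour of day), a correct password plus MFA is required before the score is even considered, and a separate session re-check revokes access if the endpoint fails its posture check or changes identity. The login history, score weights and thresholds are constructed sample values, not a recommendation.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class LoginContext:
    user: str
    device_id: str
    country: str
    hour: int          # local hour of the login attempt, 0-23

# Constructed sample of previously approved logins; this stands in for the
# "existing data on logins" that a contextual engine compares each attempt to.
KNOWN_LOGINS = [
    LoginContext("alice", "laptop-01", "US", 9),
    LoginContext("alice", "laptop-01", "US", 14),
    LoginContext("alice", "phone-07", "US", 18),
    LoginContext("bob", "desk-22", "DE", 8),
]

def context_risk(ctx, history=KNOWN_LOGINS):
    """Score how far an attempt deviates from the user's own baseline.
    Returns (score, reasons); a user with no baseline is maximally risky."""
    past = [h for h in history if h.user == ctx.user]
    if not past:
        return 100, ["no login history for user"]
    score, reasons = 0, []
    if ctx.device_id not in {h.device_id for h in past}:
        score += 40; reasons.append("unrecognised device")
    if ctx.country not in {h.country for h in past}:
        score += 40; reasons.append("login from new country")
    hours = [h.hour for h in past]
    if not min(hours) - 2 <= ctx.hour <= max(hours) + 2:
        score += 20; reasons.append("outside usual hours")
    return score, reasons

def decide(ctx, password_ok, mfa_ok, history=KNOWN_LOGINS):
    """Decision taken before any access is granted. A correct password alone
    never suffices: MFA is always required, then the contextual score either
    allows, demands an additional verification step, or denies."""
    if not (password_ok and mfa_ok):
        return "deny"
    score, _ = context_risk(ctx, history)
    if score >= 60:
        return "deny"
    return "verify" if score > 0 else "allow"

def revalidate(session_ctx, current_ctx, endpoint_healthy):
    """Continuous check run during the session: the device must still pass its
    posture check and must not have changed identity or country since login."""
    if not endpoint_healthy:
        return False
    return (current_ctx.device_id == session_ctx.device_id
            and current_ctx.country == session_ctx.country)
```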
Great read Larry! Thank you for the post!