Zero Trust: From Vision to Reality
What is Zero Trust?
Zero trust is an IT security model that requires strict authentication of people and devices trying to access resources on a private network. It does not implicitly trust any user or device, even if they are known or already have access to some network resources.
Zero trust is a response to the breakdown of the traditional network perimeter model. In the past, organizations focused their security efforts on securing the network perimeter and preventing a breach into the core network. Within the network perimeter, users and devices were considered safe.
Today, with the prevalence of remote cloud services, remote work, distributed teams, and the use of personal mobile and computing devices, the network perimeter no longer exists. Zero trust makes it possible to secure organizational assets no matter where they are located, when accessed by any device from any location.
There is no specific technique or technology used to implement a zero trust architecture. However, new security solutions are emerging that can assist in implementing zero trust principles, including identity and access management (IAM), zero trust network access (ZTNA), and network microsegmentation.
While the vision of zero trust is inspiring, implementing it in your organization is a long road. This article will take you from the theoretical principles of zero trust, through the technologies and real life challenges involved in implementing it, to a brief practical guide for implementing zero trust in your organization.
Why is Zero Trust Important?
In recent years, it has become clear that data breaches are not only, or even primarily, caused by breaches of the network perimeter. Increasingly, breaches are caused by malicious or careless insiders, by accounts compromised through social engineering or other techniques, or by attacks that focus on weaker links in the IT environment, such as unsecured personal endpoints or cloud systems.
Before the advent of zero trust, companies used solutions like firewalls and VPNs to control access to networks and applications. The inherent flaw of these solutions is that once the user is successfully authenticated, they are “trusted” and granted unconditional access to corporate resources. Users were exposed to unnecessary data and systems, including mission-critical resources.
To resolve this situation, organizations implemented complex, expensive layers of security to stop attackers, such as intrusion detection, behavioral analytics and endpoint protection, with no real guarantee that any of these layers will prevent a breach.
Zero trust is a more holistic solution that assumes attackers have already breached the network, but prevents them from escalating privileges and moving laterally within the network. It reduces the need for complex security measures to detect and mitigate threats, because it creates an inherently secure network environment.
Another benefit of zero trust is that it centralizes and standardizes the problem of access control. Instead of requiring every application on the network to be inherently secure and implement strong authentication measures, the network manages access and authentication centrally. Applications do not handle authentication on their own, relying on a zero trust “access broker” to check if users are eligible for access, and verify their identity.
What are the Core Principles of the Zero Trust Model?
Zero Trust is based on multiple pillars working together to reduce the potential for misuse of sensitive company data.
Least Privilege Access
The least-privilege access principle ensures users can access only the resources and business applications they need to do their work. Also, if two or more access rules conflict, the more restrictive rule always applies. This minimizes each user’s access to sensitive parts of the network and limits the risks associated with excessive privileges.
Micro-segmentation
Zero trust networks divide the security perimeter into smaller areas, managed by separate access rules. Users access a specific area and never gain access to the entire network. Micro-segmentation makes security easier to manage, reduces the attack surface, and improves data security by applying appropriate, separate access policies to datasets in each network segment.
In some cases, it may be impractical to segment a network or an application, because of its size or other technical requirements. Another approach is to isolate it from other elements in the network, and separately manage its privileges and access controls.
Continuous Monitoring and Validation
The zero trust model continuously and carefully monitors, controls, audits, and manages user activity in real time. This provides organizations with a complete picture of who accesses what, and why. When suspicious activity occurs, security teams receive immediate warnings, making it easy to identify and respond to potentially malicious activity.
Learn more in our detailed guide to the zero trust model
How Zero Trust Security Works
Zero trust security works by protecting several components of the environment—data, networks, workloads, and devices.
Zero Trust Data
Data is an asset, and usually the main target when malicious actors try to hack a system. Zero trust strategies need to prioritize data first. To do this, you first need to gain a better understanding of your data, including its location and sensitivity levels, and define user access appropriately. Once you have this information, you need to constantly monitor user activity, and set controls in place for detecting and responding to potential threats.
Zero Trust Networks
A zero trust strategy limits the scope of a breach. You can create this for your network by segmenting, restricting, and isolating the network. If attackers attempt to breach the network by manipulating insider threats or exploiting a misconfiguration vulnerability—they will be restricted by the controls set in place. If the network is entirely configured for zero trust, attackers will have a difficult time moving around the network.
Learn more in our detailed guide to zero trust networks
Zero Trust Workloads
The term “workload” generally refers to the entire application stack and backend software that customers use to interact with the business. This includes the operating system (OS) and storage, as well as frontend components. To protect your workloads against attacks targeting customer-facing applications, you need to apply zero trust measures that reduce the attack surface and increase your visibility and control.
Zero Trust Devices
Endpoints are no longer restricted to company-owned devices, like desktops located at the office facility. Today, employees and third-parties constantly use personally owned devices to connect to the corporate network. These endpoints can be laptops and smartphones, as well as Internet of Things (IoT) devices like smart TVs and coffee machines.
To ensure the safety of the digital assets of the company, organizations need to secure, isolate, and control devices connected to the network. This can be accomplished with zero trust controls and policies, as well as EDR technology.
Learn more in our detailed guide to zero trust security
Technologies Behind Zero Trust Architecture
Here are the main technologies used to implement a zero trust architecture:
- Strong user verification—achieved through measures like role-based access control (RBAC).
- Identity and access management (IAM)—help you define and manage user permissions. The IAM system decides whether to grant or deny access requests.
- Multi-factor authentication (MFA)—helps protect the network against weak or reused passwords.
- Endpoint protection—attackers use compromised endpoints to exploit authorized user sessions and gain unauthorized access to company resources. Endpoint security can help protect against compromised accounts.
- Zero-trust network access (ZTNA)—remote connections are increasingly common with telework. To ensure secure remote access, ZTNA technologies provide continuous monitoring of remote connections.
- Microsegmentation—enables you to enforce zero trust policies inside the network.
Learn more in our detailed guide to zero trust solutions (coming soon)
Challenges of the Zero Trust Strategy
Zero trust is a paradigm shift for most organizations, and implementing it in large scale networks can be challenging. Here are some of the key challenges faced by organizations as they adopt zero trust.
Legacy Applications and Protocols
Mainframes, old HR systems, shell scripting languages like PowerShell, and legacy protocols like POP, SMTP, and IMAP are typically incompatible with the zero trust approach. There are two approaches for dealing with this:
- Excluding legacy systems from the zero trust implementation, which can defeat the point of zero trust, because those legacy systems become a weak link for attackers to target.
- Shutting down or restricting access to legacy systems, which can seriously impair employee productivity, because these systems are part of critical business processes in many organizations.
To succeed in your zero trust implementation, you must have a well-thought-out strategy for dealing with legacy components.
Compliance Requirements
Zero trust is new, and many regulations and industry standards have not caught up. For example, to comply with the PCI DSS standard (required for organizations processing credit card data), you need to implement a firewall. However, in many zero trust topologies, a firewall is not needed because networks are segmented to begin with.
This requires a close evaluation of:
- Your existing compliance obligations
- Impact of zero trust implementation on compliance requirements
- Zero trust measures that can be performed under current compliance standards, and those that cannot.
Visibility and Control
In a traditional, unified network, organizations had a high level of visibility over all network resources. As an organization transitions to a zero trust model, it breaks up its network into “islands” with separate networking and access policies. Traditional monitoring and network management tools cannot operate consistently over a micro-segmented network. This breakdown in visibility can have serious security implications, including unpatched devices, shadow IT, and unmonitored systems.
Implementing Zero Trust Security
3Ws – Workforce, Workplace and Workloads
Here are the three important components you need to protect when implementing a zero-trust security architecture:
- Workforce—it is critical to protect users and their devices against various threats, including credential theft and phishing attacks. You protect the workforce by using identity verification and authentication tools like MFA.
- Workplace—in addition to protecting your workforce, you need to protect the workplace. You can do that by ensuring the corporate network is properly protected. You can, for example, use software-defined access to secure connectivity requests from various sources, including IoT devices and local users.
- Workloads—another important element that requires protection is the constant flow of information moving across the network. This includes on-premise data centers, public and private cloud environments, and endpoints. For example, you can set up measures that proactively identify workload behavior anomalies.
Incorporate New Tools and Modern Architecture
Traditional cybersecurity tools are not designed to provide zero trust capabilities. To fill in the gaps, you need to introduce new tools into your existing stack and, if needed, design and implement a modern architecture that incorporates by design the additional layers of security.
When choosing tools for zero trust strategies, you can consider network micro-segmentation tools, MFA and single sign-on for secure access control. You can also leverage tools that provide advanced threat protection capabilities.
Related content: read our guide to zero trust architecture
Apply Detailed Policies
Policies are rules that enforce specific measures. A zero trust policy enforces rules that grant or deny access to resources, according to predefined standards. You can configure devices to adhere to zero trust policies only and deny any other attempted access.
Generally, a zero trust policy allows access only when absolutely necessary. However, you can and should specify the users, applications, and devices that are allowed access to each data type and service.
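As an added illustration (not Hysolate's code or any real ZTNA product's API), the following Python models an access broker evaluating such policies: deny by default, an explicit deny beats any allow, and when several allow rules match, every condition they impose must hold, which is the "more restrictive rule wins" behaviour described under the least-privilege principle above. The rule fields, segment names, resource names and requests are constructed assumptions for this example.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Request:
    roles: frozenset          # roles asserted by the IAM system
    mfa_verified: bool        # MFA completed for this session
    device_trusted: bool      # device presented a valid client certificate
    resource: str             # constructed resource name, e.g. "payroll-db"
    segment: str              # micro-segment holding the resource

@dataclass(frozen=True)
class Rule:
    effect: str                       # "allow" or "deny"
    role: Optional[str] = None        # None matches any role
    segment: Optional[str] = None     # None matches any segment
    resource: Optional[str] = None    # None matches any resource
    require_mfa: bool = False
    require_trusted_device: bool = False

    def matches(self, req: Request) -> bool:
        return ((self.role is None or self.role in req.roles)
                and (self.segment is None or self.segment == req.segment)
                and (self.resource is None or self.resource == req.resource))

def decide(req: Request, rules: List[Rule]) -> Tuple[str, str]:
    """Deny by default; a deny beats any allow; all matching allows' conditions must hold."""
    matching = [r for r in rules if r.matches(req)]
    if not matching:
        return "deny", "no matching rule (default deny)"
    if any(r.effect == "deny" for r in matching):
        return "deny", "explicit deny rule is more restrictive"
    if any(r.require_mfa for r in matching) and not req.mfa_verified:
        return "deny", "MFA required"
    if any(r.require_trusted_device for r in matching) and not req.device_trusted:
        return "deny", "trusted corporate device required"
    return "allow", "all matching allow conditions satisfied"

# Constructed policy (assumption): HR staff reach payroll only with MFA from a
# trusted device; contractors are denied the HR segment outright.
POLICY = [
    Rule("allow", role="hr", segment="hr", resource="payroll-db",
         require_mfa=True, require_trusted_device=True),
    Rule("allow", role="hr", segment="hr"),   # broader, less strict HR allow
    Rule("deny", role="contractor", segment="hr"),
    Rule("allow", role="contractor", segment="vendor-portal"),
]

def example_decisions() -> dict:
    reqs = {   # constructed requests: (roles, mfa_verified, device_trusted, resource, segment)
        "hr_user_trusted_device": Request(frozenset({"hr"}), True, True, "payroll-db", "hr"),
        "hr_user_personal_device": Request(frozenset({"hr"}), True, False, "payroll-db", "hr"),
        "contractor_with_hr_role": Request(frozenset({"contractor", "hr"}), True, True, "payroll-db", "hr"),
        "contractor_vendor_portal": Request(frozenset({"contractor"}), True, True, "tickets", "vendor-portal"),
    }
    return {name: decide(r, POLICY)[0] for name, r in reqs.items()}
```

Note that the HR user is denied from a personal device even though a broader HR allow rule matches, because the stricter payroll rule also matches and its conditions win.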
Monitor and Alert
To properly work, a zero trust architecture relies on components that enable continuous monitoring, including data correlation and log analysis. This information is vital to ensure the system detects signs of compromise. The monitoring tools you choose should integrate well into your existing ecosystem and provide you with alerting capabilities.
Alerting helps ensure that your team and relevant stakeholders are notified on time. However, be sure to configure alerts in a way that prevents false positives. The team needs to respond quickly, if not in real time, but the team cannot and should not respond to every event that triggers an alert. You need to prevent alert fatigue and ensure the team remains productive.
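Added example, not part of the original article: detection logic in Python run over a constructed access-broker decision log. A single denied request is routine in a zero trust network; the same identity being denied in several different micro-segments within a short window is the pattern lateral movement produces, so only that raises an alert, and a cooldown suppresses repeats for the same identity to limit alert fatigue. The log format, field names and thresholds are assumptions.

```python
from collections import defaultdict, deque

# Constructed broker decision log, one line per access decision:
# "<epoch seconds> <user> <device> <segment> <allow|deny>"
LOG = """\
1700000000 alice dev-a hr allow
1700000010 bob dev-b hr deny
1700000012 bob dev-b finance deny
1700000015 bob dev-b engineering deny
1700000016 bob dev-b hr deny
1700000020 carol dev-c vendor-portal allow
1700000030 dave dev-d finance deny
1700000095 dave dev-d finance deny
1700000500 bob dev-b research deny
""".splitlines()

WINDOW = 60      # seconds of history considered per identity
THRESHOLD = 3    # distinct segments denied within the window
COOLDOWN = 600   # seconds before the same identity may alert again

def alerts_from_log(lines, window=WINDOW, threshold=THRESHOLD, cooldown=COOLDOWN):
    """Return (ts, user, device, segments) for each alert raised.
    A single denied request is routine; the same identity being denied
    in several different segments in quick succession is the signal."""
    recent = defaultdict(deque)   # user -> (ts, segment) of recent denies
    last_alert = {}               # user -> ts of last alert (suppresses repeats)
    alerts = []
    for line in lines:
        ts, user, device, segment, decision = line.split()
        ts = int(ts)
        if decision != "deny":
            continue
        q = recent[user]
        q.append((ts, segment))
        while ts - q[0][0] > window:   # drop denies older than the window
            q.popleft()
        segments = {s for _, s in q}
        if len(segments) < threshold:
            continue
        if ts - last_alert.get(user, -cooldown) < cooldown:
            continue                   # already alerted recently: no repeat
        last_alert[user] = ts
        alerts.append((ts, user, device, sorted(segments)))
    return alerts

if __name__ == "__main__":
    for a in alerts_from_log(LOG):
        print("ALERT", a)
```

On the constructed log only bob's burst across three segments fires; dave's repeated denies in one segment and bob's later single deny do not.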
Zero Trust for Virtualized Desktops with Hysolate
Hysolate splits a user’s device into two segregated zones, each running in its own OS, leveraging the latest hypervisor and virtualization-based security technologies. One OS is the user’s unmanaged/untrusted/personal OS and another is a trusted corporate OS running in a VM.
The corporate VM runs a fully locked-down operating system that can contain an inaccessible client certificate that vouches for the integrity of the VM. The ZTA broker would only allow that corporate VM running on Hysolate to have access to sensitive enterprise applications. The end-user would be unable to access these applications from any other untrusted environment/device.
With Hysolate, IT can isolate the corporate sensitive VM from the user’s “riskier productivity zone” OS, including detailed controls over clipboard, USB, network, applications and more. With this Zero Trust architecture in place, enterprises can really move to a secure-by-design architecture.
Learn More About Zero Trust
What is a Zero Trust Network?
A zero trust network continuously authenticates and validates users and connected endpoints. The goal of zero trust security models is to ensure networks remain protected, while providing access to remote endpoints and users, including bring your own device (BYOD) endpoints and external third-party integrators. Learn about the concept of zero trust networks, how they enable better security with improved remote accessibility, and how to select a ZTNA solution.
Read more: What is a Zero Trust Network?
Zero Trust Architecture: 3 Approaches and 4 Best Practices
A zero trust architecture is an approach to security that assumes that all systems, networks, and users are untrusted. It requires continuous authentication of devices, users, and applications.
Learn how a Zero Trust Architecture (ZTA) works, discover approaches to implementing a ZTA, and best practices for making it a success.
What Will Zero Trust Security Mean for Your Organization?
Zero trust security helps organizations enforce policies and processes that authenticate, authorize, and continuously validate all users and devices. It is based on the notion that no user, device or application on the network should be trusted, even if it is within the organization’s security perimeter. Learn about zero trust security concepts and components, and how to begin implementing zero trust in your organization.
Read more: What Will Zero Trust Security Mean for Your Organization?
Zero Trust Model: Principles, Challenges, and a Real Life Example
The zero trust model is a holistic approach to network security, which requires the verification of each person and device whenever it attempts to access resources on a private network. This remains true, no matter if that device or person is already inside or still outside the network perimeter. Learn about the core principles of a zero trust model, its challenges, and see how Microsoft is implementing Zero Trust across its corporate network.
Zero Trust Solutions: Which ZTNA is Right For You?
A zero trust security model assumes that all persons and devices trying to access a network are not to be trusted until they are verified as legitimate. Thereafter, it grants only the least-privileged access to the resources the requester needs. Understand zero trust solutions including agent-initiated ZTNA and service-initiated ZTNA, how they compare and how to evaluate ZTNA solutions for your organization.
Read more: Zero Trust Solutions: Which ZTNA is Right For You? (coming soon)
Application Whitelisting: Challenges and Best Practices
Whitelisting is a way of creating an inventory of secure software applications that may run on an organization’s network. Whereas blacklists block specific application sets, whitelists specify which programs are allowed—with the objective of preventing harmful files and malicious software from running on a company’s infrastructure. Learn how application whitelisting works, challenges involved in identifying and maintaining application whitelists, and best practices to help resolve them.
Read more: Application Whitelisting: Challenges and Best Practices (coming soon)