Is Zero Trust Architecture the Future of Cyber Security?
Remote and flexible working has become the norm.
Cyber attacks are becoming increasingly common, more sophisticated and easier to set up.
Therefore, rigorous cyber security is vital.
In this article, you’ll find out about zero trust architecture, what it is, how it works and why it’s needed in an ever-changing threat landscape.
What is zero trust architecture?
The principle of zero trust was coined by John Kindervag at Forrester Research in 2010. He argued that traditional security models operate on an outdated assumption – that everything inside an organisation’s network should be trusted. This is often called the ‘castle-and-moat’ model.
With Kindervag’s zero trust architecture, the key principle is that nothing is trusted by default, even inside the network. Every request is verified, including those from users and devices that have already connected. Stopping lateral movement by breaking the network into micro segments, each with its own micro perimeter, helps ensure attackers can’t move through the network even if they successfully compromise a vulnerable endpoint.
This is especially relevant today, with remote working, distributed networks, cloud services and edge computing: you simply can’t throw a single network perimeter around it all anymore.
How zero trust works.
Unlike the older castle-and-moat model’s ‘trust, but verify’ concept, the phrase most often used for zero trust security is ‘never trust, always verify’.
Zero trust architecture’s default setting is ‘trust no one’.
Users, devices and applications are authenticated and authorised before access to a resource is granted, and are re-verified continuously while that access is in use.
The concept of least privilege access is also vital in a zero trust environment. Least-privilege access ensures that users, devices and applications have only the access and permissions necessary to complete the task specific to their job, function or purpose.
Zero trust security principles.
Zero trust is really a holistic approach to cyber security and is based on some core principles.
Continuous monitoring and validation.
Zero trust security assumes there are attackers both within and outside the network, so no users or machines should be automatically trusted – there’s that ‘never trust, always verify’ principle again. Logins and connections periodically time out once established, forcing users and devices to be re-verified.
Least-privilege access.
This involves giving users only the access they need, on a need-to-know basis.
Device access control.
Zero trust systems keep track of which devices are trying to access the network, checking that every device is authorised and shows no sign of compromise before it is allowed in.
Micro segmentation and preventing lateral movement.
As mentioned earlier, micro segmentation is a feature of zero trust security. The network is divided into small zones, each with its own access controls, so that access to one part of the network does not imply access to another. This limits lateral movement: an attacker cannot pass from one zone to another without further verification. Once an attacker’s presence is flagged, the compromised device or user account can be cut off from further access.
Multi-factor authentication (MFA).
This is one of the core principles. MFA means more than one piece of evidence is needed to authenticate a user. For example, many sites now use two-factor authentication (2FA), which involves entering a password and also a one-time code sent to, or generated on, another device, usually a mobile phone.
You’ll notice some of the principles of zero trust security are to help minimize the impact should a security breach occur. This is sometimes referred to as ‘limiting the blast radius’.
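To make the ‘how zero trust works’ section and the principles above concrete, here is a small policy decision point written for this article (it is an added example, not code from the original page or from any BlueFort product). Every request is evaluated on every access, never on the basis of where it came from: device posture first, then session and MFA freshness, then micro-segment reachability, then least-privilege role bindings. All names, policy windows, role bindings and segment rules are constructed sample data, not an actual deployment.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, Optional, Set

# Assumed policy windows for this example (not taken from the article).
SESSION_MAX_AGE = timedelta(minutes=15)  # established sessions time out and re-verify
MFA_MAX_AGE = timedelta(hours=8)         # MFA step-up is forced after this long


@dataclass(frozen=True)
class Device:
    device_id: str
    segment: str               # micro-segment the device lives in
    managed: bool              # enrolled in device management
    compliant: bool            # posture check passed (EDR healthy, disk encrypted, ...)
    compromised: bool = False  # flagged by detection tooling


@dataclass(frozen=True)
class Request:
    user: str
    device: Device
    resource: str
    action: str
    now: datetime
    session_started: datetime
    mfa_verified_at: Optional[datetime]


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


# Least-privilege bindings (constructed): role -> resource -> permitted actions.
ROLE_PERMISSIONS: Dict[str, Dict[str, Set[str]]] = {
    "finance": {"payroll-db": {"read"}},
    "engineering": {"build-server": {"read", "write"}},
}
USER_ROLES: Dict[str, Set[str]] = {"alice": {"finance"}, "bob": {"engineering"}}

# Micro-segmentation (constructed): which source segments may reach each
# destination segment. Anything not listed is denied, so a foothold on a
# corp laptop cannot reach the finance data segment at all.
RESOURCE_SEGMENT: Dict[str, str] = {"payroll-db": "finance-data", "build-server": "ci"}
SEGMENT_POLICY: Dict[str, Set[str]] = {
    "finance-data": {"finance-vdi"},
    "ci": {"corp-endpoints", "finance-vdi"},
}


def device_ok(d: Device) -> Optional[str]:
    """Device access control: return a denial reason, or None if the device passes."""
    if d.compromised:
        return "device flagged as compromised"
    if not (d.managed and d.compliant):
        return "device not managed or failed posture check"
    return None


def freshness_ok(r: Request) -> Optional[str]:
    """Continuous validation: sessions expire and MFA must be recent."""
    if r.now - r.session_started > SESSION_MAX_AGE:
        return "session expired, re-authentication required"
    if r.mfa_verified_at is None or r.now - r.mfa_verified_at > MFA_MAX_AGE:
        return "MFA step-up required"
    return None


def segment_ok(r: Request) -> Optional[str]:
    """Micro-segmentation: the device's segment must be allowed to reach the resource."""
    dest = RESOURCE_SEGMENT.get(r.resource)
    if dest is None or r.device.segment not in SEGMENT_POLICY.get(dest, set()):
        return f"segment {r.device.segment} may not reach {r.resource}"
    return None


def least_privilege_ok(r: Request) -> Optional[str]:
    """Least privilege: some role of the user must grant exactly this action on this resource."""
    for role in USER_ROLES.get(r.user, set()):
        if r.action in ROLE_PERMISSIONS.get(role, {}).get(r.resource, set()):
            return None
    return f"{r.user} not permitted to {r.action} {r.resource}"


def authorize(r: Request) -> Decision:
    """Run every check on every request; the first failing check denies."""
    for check in (lambda: device_ok(r.device), lambda: freshness_ok(r),
                  lambda: segment_ok(r), lambda: least_privilege_ok(r)):
        reason = check()
        if reason:
            return Decision(False, reason)
    return Decision(True, "all checks passed")


def demo() -> Dict[str, Decision]:
    """Constructed scenarios: one legitimate request and one failure per principle."""
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    vdi = Device("vdi-01", "finance-vdi", managed=True, compliant=True)
    laptop = Device("lt-42", "corp-endpoints", managed=True, compliant=True)
    owned = Device("lt-99", "corp-endpoints", managed=True, compliant=True, compromised=True)
    fresh = dict(now=now, session_started=now - timedelta(minutes=5),
                 mfa_verified_at=now - timedelta(hours=1))
    return {
        "finance read from VDI": authorize(Request("alice", vdi, "payroll-db", "read", **fresh)),
        "finance delete (least privilege)": authorize(Request("alice", vdi, "payroll-db", "delete", **fresh)),
        "finance read from laptop (segmentation)": authorize(Request("alice", laptop, "payroll-db", "read", **fresh)),
        "compromised device": authorize(Request("bob", owned, "build-server", "read", **fresh)),
        "stale session": authorize(Request("bob", laptop, "build-server", "write", now=now,
                                           session_started=now - timedelta(hours=1),
                                           mfa_verified_at=now - timedelta(hours=1))),
        "stale MFA": authorize(Request("bob", laptop, "build-server", "write", now=now,
                                       session_started=now - timedelta(minutes=1),
                                       mfa_verified_at=now - timedelta(hours=9))),
    }


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:40s} {'ALLOW' if decision.allowed else 'DENY '} {decision.reason}")
```

Note the ordering: posture and freshness are checked before the request is even matched against the resource, so a compromised or stale endpoint is refused regardless of what the user is entitled to, and the segment check refuses Alice’s legitimate finance role from an ordinary corp laptop. That is the ‘limiting the blast radius’ effect in code form: a single compromised device or account cannot reach beyond its own segment and its own narrowly bound permissions.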
Why we need zero trust architecture.
Edge computing, the Internet of Things, cloud computing, remote working – all these systems and architectures widen the attack surface and give attackers more potential entry points to exploit.
The threat landscape is ever-changing and developing.
There are new endpoints – different devices, PCs and laptops, different users, different smartphones, all accessing from outside the traditional perimeter.
Companies are having to extend their private networks to employees’ home endpoints, which are often insecure.
Therefore, a zero trust security approach is becoming essential to securing your distributed devices, data and applications, now and in the future.
How to implement zero trust security.
Zero trust security may sound complex but updating your security model can be much simpler with the right expert guidance and experience.
Here, at BlueFort Security, we have that expertise and experience.
Give us a call on 01252 917000, email firstname.lastname@example.org or use our contact form.