The notion of trust used to be foundational to any information security strategy and the respective controls embedded within an organisation’s security approach. Typically the concept of ‘trusting’ users meant granting access to those who were expected and allowed to access a specific application or service.
But in cyber security, can we really trust anyone anymore?
The departure from trust
While the departure from mere network security perimeters and trust-based procedures is not necessarily new, it is rapidly advancing. Security professionals realised that granting network access based on deeming users trusted or untrusted is an unsafe and tedious practice.
Increased cloud computing and Bring-Your-Own-Device behaviours have meant that anyone who needs access to corporate data, such as employees, customers, partners and vendors, is not necessarily operating from a company-issued device. This has made protecting data, as well as managing ‘trusted’ users, all the more challenging.
What is Zero Trust?
The escalated adoption of the Zero-Trust approach is a marked shift in the way perimeter defence is thought about and enacted. Rather than assuming the network is being accessed by only authorised individuals, the assumption is that cybercriminals can gain, and possibly already have gained, a foothold in your systems. Therefore, a user’s location – whether inside or outside your network – is not a deciding factor in the level of access they have.
The question still remains… What is Zero Trust?
It is a framework that revokes trust and instead focuses on verifying the identity of users. This means that user identity is controlled and inspected in a more granular and compartmentalised way. Every account and device that tries to gain network access must first be subjected to multiple levels of verification prior to entry and, once authenticated, will then be under a variety of insular controls.
What are the Elements of Zero Trust?
Zero Trust can include:
Identity and Access Management (IAM)
IAM (also known as identity management) is a framework that assists IT managers to establish and manage user identity, as well as manage their roles and privileges. It often constitutes the basis of many Zero Trust approaches, as it involves the other elements mentioned below.
It is extremely useful when on-boarding employees or revoking access for departing employees, thereby enabling management across the entire access life cycle. It allows for more flexibility in conjunction with improved security by automating workflows and granting levels of employee access suited to what their role requires and, furthermore, to the context in which they are operating. This is particularly useful for a dispersed workforce with increased cloud-based operations and Software as a Service (SaaS) applications.
Principle of Least Privilege (PoLP)
PoLP is a component of identity management. It involves granting users the minimal level of access needed to carry out their job. This means that an individual’s digital identity, and the accounts associated with that identity, are all initially given the minimum permissions to perform activities within any of the company’s applications, devices and networks. A change in permissions is authorised on an as-needed basis.
Multi-Factor Authentication (MFA)
MFA is a prevalent method of identity verification. It is an extremely effective way to ensure identities are not being compromised by an unwanted user. MFA relies on the user to authenticate themselves by providing multiple verification factors, such as a password in conjunction with a hardware token, SMS code, voice call or biometric.
MFA is championed as one of the top methods for avoiding poor credential management. It is a crucial part of extending your security perimeters and ensuring that users are acting in the organisation’s best security interest.
Network and Micro-Segmentation
This approach involves splitting the network or data center into secured segments, which can then be carved down to the most granular level with the ability to isolate individual users, devices and applications. This creates attack resilience because each granular node is subject to its own assigned security policies and defence mechanisms 24/7.
Even if a user’s account is compromised, micro-segmentation ensures that the attack surface is reduced. The attacker cannot move laterally within the network or access any data that exists outside of the victim’s or device’s segment. Moreover, damages are minimised because the area that is under attack is more easily dealt with when cut off from the entire network.
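The containment described above can be checked against a segmentation policy before an incident happens. The following is an added example, not part of the original article: it models a default-deny allow-list and computes which workloads a compromised node could reach by chaining permitted flows. All workload names, segments, ports and rules are constructed for illustration.

```python
from collections import deque

# Constructed sample environment: workload -> segment it belongs to.
SEGMENT_OF = {
    "hr-laptop": "hr", "hr-app": "hr",
    "fin-app": "finance", "fin-db": "finance",
    "web-01": "dmz", "build-01": "engineering",
}

# Constructed default-deny allow-list: (source segment, destination workload, port).
ALLOW = {
    ("hr", "hr-app", 443),
    ("finance", "fin-app", 443),
    ("finance", "fin-db", 5432),
    ("dmz", "hr-app", 443),   # one deliberate cross-segment flow
}
PORTS = (22, 443, 5432)

def allowed(src, dst, port, rules=ALLOW):
    """Default deny: a flow passes only if an explicit rule matches."""
    return (SEGMENT_OF[src], dst, port) in rules

def blast_radius(start, rules=ALLOW):
    """Workloads reachable from a compromised node by chaining allowed flows."""
    seen, queue = {start}, deque([start])
    while queue:
        src = queue.popleft()
        for dst in SEGMENT_OF:
            if dst not in seen and any(allowed(src, dst, p, rules) for p in PORTS):
                seen.add(dst)
                queue.append(dst)
    return seen - {start}

def flat_rules():
    """Comparison case: a flat network where every segment reaches every workload."""
    return {(seg, dst, p) for seg in set(SEGMENT_OF.values())
            for dst in SEGMENT_OF for p in PORTS}

if __name__ == "__main__":
    for node in SEGMENT_OF:
        print(node, "segmented:", sorted(blast_radius(node)),
              "| flat:", len(blast_radius(node, flat_rules())), "workloads")
```

Running the same check after every rule change shows whether a newly added cross-segment flow, such as the dmz-to-hr rule here, has widened what a single compromised workload can reach.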
Why should you care about Zero Trust?
The Zero Trust framework does just that. It balances the three pillars of strategy, mindset and technology.
For more information please contact our cybersecurity professionals today.