12 Mar Zero Trust Security 101 – The What, Why and How
What is Zero Trust Security?
Zero Trust is a security model/concept that requires all users inside and outside a network to be authenticated, authorised and continuously validated before being granted or maintaining access to applications and data. Zero Trust is one of the most effective ways for organisations to control access to their networks, applications and data. It combines a wide range of preventative techniques to deter attackers and limit their access in the event of a breach.
Zero Trust is a major change from traditional network security, which followed the trust but verify method. The traditional approach automatically trusted users and devices within a network which puts the organisation at risk from malicious actors and allows unauthorised access once inside a network. Zero Trust can only be achieved if organisations are able to continuously monitor and validate that a user and their device has the right privileges and attributes. One-time validation won’t work because threats and attributes change all the time.
Zero Trust is important due to the rapid adoption of cloud services and modern mobility. The scale at which organisations are increasing users, devices and leveraging cloud-based applications and services is making it more difficult to establish, monitor and maintain security perimeters.
Zero Trust Principles
Zero Trust is built on not trusting users, devices, networks and access to sensitive data based on any single one of those identity types and their associated attributes. The following are the main principles of Zero Trust:
- Adopt a holistic security strategy. Technology capabilities alone will not prevent breaches. Organisations must adopt a holistic security strategy that involves people, process and technology.
- Review all access controls. There is no trusted source. Assume potential attackers are present both inside and outside the network.
- Leverage a variety of preventative techniques. MFA, least-privilege access and micro-segmentation are just some examples of preventative measures.
- Enable real-time monitoring. Identify malicious activity quickly to detect, investigate and remediate breaches.
Creating a Zero Trust Environment
We recommend the following methodology to help develop and deploy a Zero Trust environment. This process helps identify your current state and where you want to go next:
- Identify the protect surface. Assess sensitive data, assets, applications and services (DAAS).
- Map the transaction and data flows. Determine where sensitive information lives and which users need access to it.
- Establish the architecture. Implement preventative techniques such as MFA, least-privilege access and micro-segmentation that gives you visibility and context for all traffic – across users, devices and applications.
- Monitor and maintain. Identify suspicious activity and inspect, analyse and log all traffic and data.