As humans, the concept of trust is complex. Trust is a foundation of connection with others, yet deciding who, what, and when to trust is a deep and nuanced part of life. We all demonstrate trust (often without proof) in many daily interactions—we trust that drivers will obey traffic rules and we trust that our alarms will wake us in time for work. But there are also times when we should demonstrate zero trust.
One of these times is with our network security. Enter the “Zero Trust” architecture model. Created in 2010 by John Kindervag during his time at Forrester Research, the model is based on the realization that traditional security models operate on an outdated assumption that everything inside an organization's network should be trusted. It shouldn’t.
The reason is the landscape in which we do business today. Cybercriminals have become more skilled and sophisticated in their attacks. We see cybersecurity spending on the rise at the same time we see a rise in breaches and attacks. Something isn’t working, and the Zero Trust model is one potential solution. It’s a holistic approach to network security that requires strict verification for every person and every device that accesses your resources.
Just over a decade since its inception, the Zero Trust model has never been more relevant. In fact, we’ve recently seen the National Security Agency (NSA) “strongly recommend” a Zero Trust security model for its own critical networks and the National Institute of Standards and Technology (NIST) recently published a Zero Trust framework.
In this post, we introduce you to the concept of Zero Trust and share several reasons why it’s time to consider adopting the model across your own business for enhanced security in a threatening world.
What is Zero Trust security?
Zero Trust is not a specific technology or tool. You can’t simply implement and configure it. Rather, it’s a holistic, organization-wide approach to enhanced network security. Essentially, Zero Trust is all about access and solving for the “weakest link” problem at your business. The Zero Trust approach is a technology security model that requires strict identity verification for every person and device that attempts to access resources or data on a private network.
It’s helpful to compare the Zero Trust model to a more traditional network security approach. Often, security is built around the idea that it’s hard to obtain access from outside the network, but everything (and everyone) inside the network is trusted by default. Unfortunately, we can no longer operate this way. Disgruntled, profit-driven, or even well-meaning employees with poor practices can all compromise your system. Zero Trust security builds a robust level of verification into people, devices, and interactions both outside and inside your network.
Zero Trust presents a new paradigm for cybersecurity; it assumes that every user, network, and device is compromised and presents a risk. Users and devices must first prove their authenticity before accessing the system. One level up, a Zero Trust architecture follows the same logic but applies it at the relationship, workflow, and access policy level.
Why NOW is the Time to Adopt Zero Trust
Zero Trust security models will benefit organizations of all sizes and industries. Here, we present four reasons why your team should consider this model today.
To Respond to the “New” Network Perimeter
Today, your critical business data resides in more places than ever before—on-site, off-site, and most likely in more than one cloud location. This is especially true following the sudden work-from-home transformation of the pandemic, which means that your traditional on-site network perimeter no longer really exists. As cyberattacks against businesses increase in frequency and sophistication, it's critical to protect your new network perimeter. One effective way to do so is through the robust control and identity management processes and policies of a Zero Trust security model.
Because of the Rise of Ransomware
A rise in devastating ransomware attacks is one of our unfortunate predictions for the cybersecurity landscape in 2021. It’s all too common these days: A TechRepublic survey of 500 business executives found that nearly half of respondents had already been hit by ransomware and nearly three-quarters ended up paying the ransom to recover their data. Recently, ransomware attacks have started to target data centers—with major centers like Equinix and CyrusOne suffering attacks as well as the data centers for organizations like Norsk Hydro, the University of California, San Francisco, and even the Texas court system.
With Equinix, for example, the data center provider suffered a ransomware attack in late 2020 that affected only its own system, not its customers. According to a report, a note threatened that Equinix’s encrypted files would be posted online if it didn’t pay the ransom of $4.5 million, or 455 bitcoin, within three days of the attack.
We don’t want you to ever find yourself in this scenario with your own data center. Securing your network with Zero Trust can keep ransomware, and its many variants, out.
To Prevent Insider Attacks
As we mentioned above, a Zero Trust security model solves for the “weakest link” problem at your business. In some cases, this means your own team. Even though employees might be considered known "insiders", this doesn't mean you should employ absolute trust in their actions.
While few nefarious employees may attempt to profit from the company by stealing data, far more can put your operations at risk unwittingly through poor practices or as a result of limited training and support. By limiting access for both insiders and outsiders with a Zero Trust approach, you reduce the risk of intentional and unintentional data leakage.
To Limit Damage from Ongoing Attacks
Finally, in the worst-case scenario that your business does fall victim to an attack or intrusion, a Zero Trust model can mitigate damage by denying access by default to attackers who do manage to find a way in. A Zero Trust model is a more realistic approach as it assumes that an attack is not a matter of “if” but, unfortunately, “when”.
TechRepublic has a helpful “cheat sheet” about how your business can adapt its security posture to a holistic, Zero Trust environment. In summary, the five proposed steps to building a Zero Trust environment include:
“Step 1: Segment the network.” Zero Trust security will limit access to areas that people really and truly need to have access to. It also helps eliminate the possibility that an attacker can move about should they gain access to one secure area of the network.
“Step 2: Implement access management and identity verification.” Multi-factor authentication is a key part of all security policies, including Zero Trust. Also key are clearly defined roles and responsibilities for staff members, including your technology team.
“Step 3: Extend the principle of least privilege to the firewall.” Zero Trust takes into account not just people and devices but also the traffic they generate. Firewall rules can help restrict this traffic, as it’s “better to have to unblock a port later on than to leave it open from the get-go and leave an open path for an attacker.”
“Step 4: Firewalls should be contextually aware of traffic.” This includes both inbound and outbound traffic and checking against blacklists and other DNS rules.
“Step 5: Gather, and actually analyze, security log events.” Because Zero Trust requires constant analysis, it generates a lot of data that can be used to further reinforce and optimize your security.
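A minimal sketch of how the five steps combine into a single default-deny access decision. It is an illustration added here, not code from TechRepublic or N8 Solutions, and the segment names, roles, addresses, and denylist entry are all constructed.

```python
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Step 1: network segments (constructed example ranges).
SEGMENTS = {"finance": ip_network("10.10.1.0/24"),
            "hr": ip_network("10.10.2.0/24")}
# Step 3: explicit allow rules only; anything not listed is denied.
ALLOW = {("accountant", "finance", 443), ("hr-admin", "hr", 443)}
# Step 4: known-bad sources to check traffic against (constructed entry).
DENYLIST = {ip_address("203.0.113.7")}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    mfa_passed: bool  # Step 2: result of identity verification
    src: str
    dst: str
    port: int

def segment_of(addr):
    """Return the name of the segment containing addr, or None."""
    ip = ip_address(addr)
    return next((name for name, net in SEGMENTS.items() if ip in net), None)

def decide(req, log):
    """Evaluate one request; an internal source address earns no trust."""
    seg = segment_of(req.dst)
    if ip_address(req.src) in DENYLIST:
        verdict = "deny:denylisted-source"
    elif not req.mfa_passed:
        verdict = "deny:mfa-required"
    elif seg is None:
        verdict = "deny:unknown-segment"
    elif (req.role, seg, req.port) not in ALLOW:
        verdict = "deny:no-allow-rule"
    else:
        verdict = "allow"
    # Step 5: record every decision, allowed or denied, for later analysis.
    log.append((req.user, req.src, seg, req.port, verdict))
    return verdict

def repeated_denials(log, threshold=2):
    """Step 5: users with at least `threshold` denied requests."""
    counts = Counter(user for user, *_, verdict in log if verdict != "allow")
    return sorted(u for u, n in counts.items() if n >= threshold)
```

A verified accountant inside the finance segment is still denied when reaching into the HR segment or using an unlisted port, which is the lateral-movement limit Step 1 and Step 3 describe.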
It may sound complex. However, the experts at N8 Solutions are here to help you navigate the ins and outs of a unique Zero Trust environment and adopt the right architecture to better protect your data and your people.
Please get in touch with us anytime at (262) 288-1501 or via this form to get on your way with Zero Trust. You can trust us with Zero Trust!