Cyber security has been one of the top priorities for enterprises globally, irrespective of industry segment, domain, size and scale, in this digitally driven business era. In the traditional world the perimeter was well defined: the organization's crown jewels were protected by a castle-and-moat architecture, and all users accessed information on-premise with no remote access. This was followed by a phase in which access was extended from unsecured remote locations to the highly secured locations where the core applications resided. This included access by employees, mobile workers, customers and others.
In the present business world, driven by digital transformation, we have multiple platforms, tools, teams and technologies. This has created a massive attack surface with no single policy, view or point of enforcement, which has led to low visibility and control. The perimeter has become vague and complicated as IT infrastructure, applications, data and now people (with whole organizations working from home) have moved outside it.
IT leadership in every enterprise has been working relentlessly for the past few months to design, build and operate effective and secure infrastructure for employees, suppliers and purchasers working remotely. This mass-scale change in access methodology has brought about a compelling transition from a 'trust but verify' to a 'trust nothing, always verify' approach. This new approach is based on the Zero Trust model, which ensures secure access based on three key concepts:
1. Trust nothing
2. Continuous authentication
3. Least privilege access
Zero trust network access (ZTNA) provides controlled access to an organization's resources, thus significantly reducing the attack surface. The isolation created between the untrusted location (homes, public places, etc.) and the trusted location where enterprise applications reside (the corporate datacentre or the cloud) removes the need to expose applications directly to the internet.
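As an added illustration (not code from the original article), the following Python sketch of a policy decision point shows how the three concepts above turn into a per-request check: the request is denied by default, the source network is deliberately ignored, and identity, device posture, session freshness and role entitlement are all re-evaluated on every request. The role table, the session-age limit and the posture fields are assumed, constructed values.

```python
from dataclasses import dataclass
from typing import Dict, Set, Tuple

# Constructed least-privilege table: which roles may reach which applications.
ROLE_ACCESS: Dict[str, Set[str]] = {
    "finance": {"erp", "payroll"},
    "engineer": {"git", "ci"},
}
MAX_AUTH_AGE_S = 900  # assumed: force re-authentication after 15 minutes


@dataclass
class Request:
    user: str
    role: str
    mfa_verified: bool      # MFA completed for the current session
    device_managed: bool    # enrolled in MDM
    device_patched: bool    # endpoint reports a compliant patch level
    auth_age_s: int         # seconds since the last successful authentication
    source: str             # "home", "office", ...: recorded, never trusted
    app: str                # application the user is asking for


def evaluate(req: Request) -> Tuple[bool, str]:
    """Return (allow, reason). Every check must pass; the default is deny."""
    # 1. Trust nothing: network location grants nothing by itself, so
    #    req.source is logged elsewhere but plays no part in the decision.
    if not req.mfa_verified:
        return False, "mfa required"
    if not (req.device_managed and req.device_patched):
        return False, "device posture failed"
    # 2. Continuous authentication: this runs on every request, not once at
    #    login, so a stale session is rejected even if it was valid earlier.
    if req.auth_age_s > MAX_AUTH_AGE_S:
        return False, "session too old, re-authenticate"
    # 3. Least privilege: only the applications this role actually needs.
    if req.app not in ROLE_ACCESS.get(req.role, set()):
        return False, f"role {req.role!r} is not entitled to {req.app!r}"
    return True, "allowed"


def office_does_not_help() -> bool:
    """Show that an 'office' source with a stale session is still denied."""
    stale = Request("bob", "finance", True, True, True, 3600, "office", "erp")
    return evaluate(stale)[0]
```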
How Zero Trust Secures an Organization's Network
A report published on the basis of a 2019 survey, in which more than 170 experts from government agencies and the IT sector participated, found that 68 percent of respondents from government agencies and 74 percent from the IT sector were inclined towards securing their networks using Zero Trust. In 2020 that number has only increased, and there is a valid reason for it. A threat actor can, by one means or another, take control of a system well within a secure network, because a user can log in to the network from any location via any system that is vulnerable to attack. This is where the Zero Trust model is required: monitoring is done on the basis of various factors, as opposed to the traditional security model. The legacy TCP/IP network was built at a time when trust could be assumed, but things have changed significantly. Now systems should first authenticate the user and then grant access, rather than the other way round. It is not just remote working that makes one think about network security. The transition from legacy systems to the cloud has also opened a plethora of opportunities, not just to change the work experience but also to introduce vulnerability, as the cloud sits outside the traditional network perimeter and can be accessed by any user from any location over networks that are not secure.
The increase in the number of threats since the beginning of 2020, including those arising from remote working, the rise in phishing attacks and data breaches, has led CISOs to turn towards Zero Trust, as the concept is network centric. Zero Trust concentrates on data, assets, applications and services, which are unique to every organisation. This helps in deriving agility, elasticity and scalability from hybrid multi-cloud adoption and work-from-anywhere models. The technologies and practices of Zero Trust include micro-segmentation, multi-factor authentication (MFA), identity and access management (IAM), privileged access management (PAM), monitoring and analytics, orchestration, encryption, network access control (NAC), mobile device management (MDM) and file system permissions.
Recommendations for Zero Trust
Cybersecurity experts have come up with many recommendations to make Zero Trust a success; a few are listed below:
• Update network security with next-generation firewalls.
• Use sandbox control to detect unknown threats.
• Control user access to applications and resources by implementing protected enclaves.
• Implement an incident management system to minimize the impact of individual incidents.
• Monitor partners’ security postures using a cloud-based service.
• Deploy a backup, cloud-based DDoS mitigation service.
• Deploy a non-signature-based endpoint malware detection control.
• Deploy a cloud services manager to discover, analyse, and control shadow IT.
It may be a decade since the term Zero Trust model was introduced, but it has become extremely relevant in the present times of global pandemic, where WFH has become the norm. The concept has revolutionised organizations' thinking to the point of becoming the Holy Grail of cybersecurity, as nothing seems as secure as 'Zero Trust'.