Zero Trust, developed by the renowned analyst John Kindervag, is a strategic cybersecurity model that protects critical systems and data. Systems operating under the Zero Trust framework initially trust no access request or transaction from anyone, including internal users behind the firewall, and restrict access to data in order to minimize the blast radius of a cyberattack.
Zero Trust architecture is widely regarded as the most effective approach to data breach prevention. So much so that the United States federal government enacted an executive order to improve the nation's cybersecurity, requiring federal agencies and contractors to begin strengthening their cybersecurity defenses and implementing a Zero Trust security model. Due to the increase in cyber threats and attacks on critical defense systems and infrastructure, the order also strongly recommends that the private sector follow suit.
A Zero Trust approach gives organizations visibility into their data and the activity around it, making it easy to spot suspicious behavior even if other security controls have been breached. Here's everything you need to know about Zero Trust, including the benefits, limitations, and how to apply this framework to your organization.
What is the concept of Zero Trust?
Unlike traditional network security approaches that focus on keeping attackers and cybersecurity threats out of the network, Zero Trust follows strict authentication guidelines for every user and device attempting to access an organization's resources on a network, even when the request comes from an employee, user, or device already inside it. This model assumes that an organization's network will be breached or its perimeter will fail, and challenges all users and devices to prove they are not attackers.
Zero Trust also limits a user's access from inside a network. This means that if an attacker has gained a foothold on a network, they will not be able to move laterally across the network's applications.
While traditional perimeter networks leverage firewalls, email gateways, and access controls to create multiple layers of security around the perimeter of a network, these security approaches are much more vulnerable to attacks from users and devices within the network.
How Zero Trust security works
Purpose of Zero Trust:
Zero Trust security is a holistic approach that includes multiple technologies and processes. Zero Trust security is designed to protect organizations from advanced threats and data breaches while helping to comply with FISMA, HIPAA, GDPR, CCPA and other key privacy or data security laws.
At the heart of Zero Trust is data security. Hackers are after the data. This includes personally identifiable information (PII), protected health information (PHI), payment card information (PCI), intellectual property, and other data that organizations consider valuable. Zero Trust makes tracking data activity a priority.
To build the best Zero Trust security strategy, you should focus on these areas:
- Data: A Zero Trust approach starts with protecting data first and then building additional layers of security. If an attacker can breach your perimeter controls, exploit a misconfiguration, or bribe an internal user, they will have minimal access to valuable data under Zero Trust because there will be rules to detect and react to non-secure access to data before it becomes a major breach.
- Networks: Attackers need to be able to browse your network to steal data, but Zero Trust networks make this extremely difficult. By segmenting, isolating, and limiting your network with technology like next-generation firewalls, your Zero Trust network will be much more resistant to hackers and cybercriminals.
- Users: People are probably the weakest link in your security strategy. Strictly restrict, monitor and enforce how users access resources on internal and external networks. Verify all user activity on your network before trusting user access. Monitor users to protect against the rare but inevitable human errors. Whether you are the victim of a phishing attack or a proactive malicious insider, the concept of Zero Trust for users is critical.
- Workloads: By “workload” we simply mean the entire back-end application and software stack that allows customers to interface with your business. Out-of-date client-facing applications are a common attack vector. Treat the entire stack – from storage to operating system and front-end web interface – as a potential attack surface and protect it with Zero Trust compliant controls.
- Devices: The number of devices present in networks has increased in recent years. From smartphones and computers to connected IoT devices, every device is a potential entry point that attackers can exploit. To create a Zero Trust environment, security teams will need to isolate, secure, and control every device on a network.
- Visibility and analytics: To enforce the principles of Zero Trust, give security and incident response teams full access to your environment, including network activity and files. You can then use advanced threat detection and user behavior analytics to detect abnormal behavior in real time and respond to potential threats on your network.
- Automation and orchestration: Automation helps Zero Trust security systems run continuously and enforce policies consistently. Humans cannot handle the volume of tracking events necessary to enforce Zero Trust. Automate as much of your threat remediation, monitoring and detection systems as possible to save your security and operations teams time and bandwidth.
Three principles of a Zero Trust architecture
Adherence to the three core principles of the Zero Trust security model is the foundation of a Zero Trust cybersecurity environment.
1. Secure and authenticated access to all resources is required.
The first key principle of Zero Trust is to authenticate and verify access to all resources. When a user accesses a shared file, application, or cloud storage device, reauthenticate that user's access to that resource.
You should consider any attempt to access your network a threat until proven otherwise, regardless of access location or hosting model. To implement this set of controls, use measures such as authentication and remote access protocols, perimeter security, and network access controls.
2. Adopt a least-privilege model for access control.
The least-privileged access model is a security paradigm that limits a user's access to only the areas and resources necessary to perform their job. Restricting individual user rights prevents attackers from gaining access to large amounts of data through a single compromised account. By restricting access to data, you are essentially creating micro-zones around the data, limiting cybercriminals' ability to access sensitive data.
The first step is to find out where you have sensitive data. Then identify data that is exposed to too many people, or to people who don't need access. The next step is to remediate overly permissive access, which is a difficult but worthwhile measure. Create new groups, assign employees to manage each group's data, and use the groups as the means of implementing least-privilege access.
Reviewing access and group membership on a regular schedule puts administrators in charge of who can access their data. For example, make sure your IT team doesn't somehow have access to the finance team's data and vice versa.
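The two principles above, per-request authentication and least-privilege group membership, can be combined into a single default-deny policy decision. The following is an added illustration, not code from the article: every request is evaluated on its own (network location is recorded for the audit trail but never grants anything), and access is allowed only when MFA, device posture and group membership all pass. The users, groups, devices, resources and the `evaluate`/`effective_readers` functions are constructed for this example; `effective_readers` is the kind of enumeration an access review uses to spot data exposed to too many people.

```python
"""Per-request policy decision point (PDP) for a Zero Trust access check.

Added example, not code from the page: each request is evaluated on its own
(network location is logged but never grants anything), and access is allowed
only when authentication, device posture and least-privilege group membership
all pass. Users, groups, devices and resources below are constructed sample data.
"""
from dataclasses import dataclass, field

# Constructed identity directory: user -> groups that own data.
USER_GROUPS = {
    "alice": {"finance"},
    "bob": {"it-ops"},
    "carol": {"finance", "it-ops"},
}

# Constructed resource catalogue: which groups may reach each resource, and how sensitive it is.
RESOURCE_POLICY = {
    "fin-share/payroll.xlsx": {"allowed_groups": {"finance"}, "sensitivity": "high"},
    "it-share/runbooks.md": {"allowed_groups": {"it-ops"}, "sensitivity": "low"},
}

# Constructed device inventory with posture attributes reported by an endpoint agent.
DEVICES = {
    "laptop-01": {"managed": True, "disk_encrypted": True},
    "byod-phone-7": {"managed": False, "disk_encrypted": True},
}


@dataclass
class Request:
    user: str
    device: str
    resource: str
    mfa_verified: bool          # fresh MFA result for this request, not a cached session
    inside_corp_network: bool   # recorded for the audit trail only; never used to grant access


@dataclass
class Decision:
    allow: bool
    reasons: list = field(default_factory=list)  # every failed check, so denials are explainable


def evaluate(req: Request) -> Decision:
    """Default-deny: return allow=True only when no check fails."""
    policy = RESOURCE_POLICY.get(req.resource)
    if policy is None:
        return Decision(False, ["resource: not in catalogue, nothing is implicitly reachable"])

    reasons = []

    # Principle 1: authenticate every access, regardless of where it comes from.
    if not req.mfa_verified:
        reasons.append("authentication: MFA not verified for this request")

    # Device posture: high-sensitivity data only from managed, encrypted devices.
    device = DEVICES.get(req.device)
    if device is None:
        reasons.append("device: unknown device")
    elif policy["sensitivity"] == "high" and not (device["managed"] and device["disk_encrypted"]):
        reasons.append("device: posture insufficient for a high-sensitivity resource")

    # Principle 2: least privilege, the user must belong to a group that owns the resource.
    if not (USER_GROUPS.get(req.user, set()) & policy["allowed_groups"]):
        reasons.append("authorization: user is not in a group permitted on this resource")

    return Decision(allow=not reasons, reasons=reasons)


def effective_readers(resource: str) -> set:
    """Access-review helper: which users can currently reach a resource through group membership."""
    allowed = RESOURCE_POLICY[resource]["allowed_groups"]
    return {user for user, groups in USER_GROUPS.items() if groups & allowed}


if __name__ == "__main__":
    # Being on the corporate network does not help bob reach payroll data.
    print(evaluate(Request("bob", "laptop-01", "fin-share/payroll.xlsx", True, True)))
    print(sorted(effective_readers("fin-share/payroll.xlsx")))
```

The `reasons` list is the important design choice: a denial that names every failed check gives the audit trail described later in the article something to record, and lets the finance owner see at review time exactly why a request was refused.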
3. Check and log every network and file event.
Zero Trust principles require inspecting and verifying everything. But logging every network call, file access, and email transmission for potential malicious activity is a major undertaking that requires a combination of personnel and intelligently developed technology.
Monitoring and logging are arguably the most important principles of maintaining a Zero Trust model. By monitoring and analyzing data security in action, you can tell the difference between a normal login and a compromised user account - you'll know when a ransomware attack is underway or when a malicious insider is trying to upload files to their personal cloud storage.
This level of cyber intelligence is hard to come by. Most tools in this category require coding overly complex rules or generate a significant number of false positives. The right system will use personalized baselines per user account and detect abnormal behavior based on each user's perimeter telemetry, data access, and account behavior.
Implementation of the Zero Trust model
Zero Trust starts with data. Here are some basic recommendations on where to start and how to protect your data within a Zero Trust model.
- Identify Sensitive Data. Find out where your sensitive data is. This can be internal departmental folders or places where you store PII or PHI. You need to know where your sensitive data is and who has access to it before implementing the appropriate Zero Trust protection measures.
- Limit Access. Once you've identified your sensitive data, make sure only the people who need access have access to it. This will limit the exposure of sensitive data and make it harder for hackers to gain access to it. You should review access rights at individual, group, and organizational levels.
- Detect Threats. Finally, you need to detect when suspicious activity is occurring with your data or networks. Continuously monitor and record all data access activities, including Active Directory, file and share access, and network perimeter telemetry. Compare current activity to baselines of past behavior and apply security analytics and rules to identify abnormal activity that may indicate active cybersecurity threats from internal or external sources.
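Both the third principle above (personalized baselines per account rather than hand-coded rules) and the "Detect Threats" step come down to comparing current activity with what each account normally does. The following is an added example, not the article's code: it learns a baseline per user from a training period (source countries seen, working-hour window, distinct files touched per hour), then scores later activity against that account's own baseline. The log format, the accounts and every log line are constructed for the example.

```python
"""Per-user behavioral baselines over constructed file-access log lines.

Added example, not the page's code: builds a baseline per account (source
countries seen, working-hour window, distinct files touched per hour) from a
learning period, then scores later activity against that account's own
baseline rather than a global rule. The log format is invented:
"<ISO timestamp> user=<u> src_country=<cc> action=<a> path=<p>".
"""
from collections import defaultdict
from datetime import datetime
import re
import statistics

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) src_country=(?P<cc>\S+) "
    r"action=(?P<action>\S+) path=(?P<path>\S+)$"
)

# Constructed learning-period log for one ordinary finance user.
BASELINE_LOG = [
    "2024-03-04T09:12:00 user=alice src_country=US action=read path=/fin/q1.xlsx",
    "2024-03-04T09:40:00 user=alice src_country=US action=read path=/fin/q2.xlsx",
    "2024-03-04T14:05:00 user=alice src_country=US action=read path=/fin/budget.docx",
    "2024-03-05T10:30:00 user=alice src_country=US action=read path=/fin/q1.xlsx",
    "2024-03-05T10:45:00 user=alice src_country=US action=write path=/fin/q1.xlsx",
    "2024-03-05T15:10:00 user=alice src_country=US action=read path=/fin/notes.txt",
]

# Constructed later activity: an off-hours burst from a new country, one normal
# daytime access, and an account with no history at all.
NEW_LOG = [
    "2024-03-06T02:15:00 user=alice src_country=RO action=read path=/fin/q1.xlsx",
    "2024-03-06T02:16:00 user=alice src_country=RO action=read path=/fin/q2.xlsx",
    "2024-03-06T02:17:00 user=alice src_country=RO action=read path=/fin/budget.docx",
    "2024-03-06T02:18:00 user=alice src_country=RO action=read path=/fin/notes.txt",
    "2024-03-06T02:19:00 user=alice src_country=RO action=read path=/fin/payroll.xlsx",
    "2024-03-06T11:00:00 user=alice src_country=US action=read path=/fin/q1.xlsx",
    "2024-03-06T11:05:00 user=dave src_country=US action=read path=/fin/q1.xlsx",
    "this line is malformed and must be skipped",
]


def parse(lines):
    """Parse log lines into dicts; malformed lines are skipped rather than fatal."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            e = m.groupdict()
            e["ts"] = datetime.fromisoformat(e["ts"])
            events.append(e)
    return events


def hour_buckets(events):
    """Group events by (user, start of hour), collecting countries and distinct paths."""
    buckets = defaultdict(lambda: {"countries": set(), "paths": set()})
    for e in events:
        key = (e["user"], e["ts"].replace(minute=0, second=0, microsecond=0))
        buckets[key]["countries"].add(e["cc"])
        buckets[key]["paths"].add(e["path"])
    return buckets


def build_baselines(events):
    """Baseline per user: countries seen, hours active, and files-per-hour history."""
    baselines = {}
    for (user, start), b in hour_buckets(events).items():
        base = baselines.setdefault(user, {"countries": set(), "hours": [], "files_per_hour": []})
        base["countries"] |= b["countries"]
        base["hours"].append(start.hour)
        base["files_per_hour"].append(len(b["paths"]))
    return baselines


def score(events, baselines):
    """Return (user, bucket_start, reason) findings for activity outside the user's own baseline."""
    findings = []
    for (user, start), b in hour_buckets(events).items():
        base = baselines.get(user)
        if base is None:
            findings.append((user, start, "no baseline: first-seen account"))
            continue
        new_cc = b["countries"] - base["countries"]
        if new_cc:
            findings.append((user, start, f"new source country {sorted(new_cc)}"))
        if not (min(base["hours"]) <= start.hour <= max(base["hours"])):
            findings.append((user, start, f"activity at unusual hour {start.hour:02d}"))
        hist = base["files_per_hour"]
        mean, sd = statistics.mean(hist), statistics.pstdev(hist)
        threshold = max(mean + 3 * sd, 2 * mean)  # 2*mean guards against sd == 0 in a flat baseline
        if len(b["paths"]) > threshold:
            findings.append((user, start, f"{len(b['paths'])} distinct files in an hour vs baseline mean {mean:.1f}"))
    return findings


def run():
    """Learn from BASELINE_LOG, then score NEW_LOG against it."""
    return score(parse(NEW_LOG), build_baselines(parse(BASELINE_LOG)))


if __name__ == "__main__":
    for user, start, reason in run():
        print(f"{start.isoformat()} {user}: {reason}")
```

Findings are raised per user and hour bucket rather than per event, so a burst of fifty reads produces one volume finding instead of fifty alerts; that is the kind of design choice that keeps false-positive volume manageable for the operations team.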
Benefits of Zero Trust
Implementing Zero Trust can benefit your organization in many ways. Here are some of the key benefits.
1. Greater network and system visibility
Because Zero Trust never assumes that any device or user is trusted, you can decide which resources and activities need coverage in your security strategy. Ideally, all sources of data and computing should be protected. Once proper monitoring is in place to cover resources and activities in the Zero Trust framework, you will have even greater visibility into system activity. You'll now know the time, location and involvement of each access request, and you'll be better equipped to flag and react to suspicious activity.
2. A more secure remote workforce
Remote work has grown over the past couple of years, and with the increase in the workforce working from home, concerns abound. As users and devices access critical data from around the world and outside the physical workplace, implementing Zero Trust helps ensure the security of a distributed workforce.
Zero Trust goes beyond traditional firewalls and security measures that are not necessarily sufficient in a remote work environment. Under Zero Trust, identity is tied to the users, devices and applications seeking access, offering strong protection for work and data in any location.
3. Effective ongoing compliance
Zero Trust helps ensure continuous compliance across multiple industries and contexts. Every access request that is evaluated and recorded is an important aid in documenting compliance. Tracking the time, location and applications involved in each access request creates a seamless and transparent audit trail.
With continuous compliance, audits are streamlined as there is a visible chain of evidence for all access requests. This minimizes the effort required to produce evidence, making governance operations faster and more efficient.
Limitations of Zero Trust
It is important to remember that the Zero Trust model is not a magic bullet in defense against cyber risks. Listed below are potential limitations to be aware of when implementing a Zero Trust model.
1. Addressing BYOD trends and workplaces
In the era of bring-your-own-device (BYOD) policies and environments – along with the “always-on” mentality of many remote workers – organizations must allow greater flexibility in accessing data and systems. Each device has its own properties, requirements and communication protocols, which must be monitored and secured under the Zero Trust model. While this is more than doable, it may require more upfront work to configure Zero Trust security measures in a heavily BYOD-based workplace.
2. Accounting for the large number of applications
Another challenging factor to consider when adopting Zero Trust is the number of communication and collaboration applications you use across the organization. You probably use flexible cloud-based applications, but a large number of applications in use can make implementing Zero Trust a difficult task. Consider which third parties handle your data, how it's stored, and whether or not each app is necessary before placing 100+ apps in your technology stack, all of which should be monitored and secured to Zero Trust standards.
3. Authentication does not distinguish intent
Unfortunately, even if users are fully authenticated, Zero Trust cannot determine their intentions. Malicious internal users seeking to harm their organization may still be able to access the data or systems they are authorized to access. The same principle applies to public-facing web applications. Some users can register for accounts, provide the correct information and gain appropriate access. But that doesn't mean they don't have malicious intentions to compromise systems or data with the access they gain.
Due to evolving cyber threats, the rise of remote work, and the explosion of BYOD and IoT, the Zero Trust model will continue to evolve. A data-driven approach to security is essential to Zero Trust. The more organizations know where their most sensitive data is, who can access it, and what they are doing with it, the more effective their defenses can be against today's sophisticated threats. By implementing a Zero Trust architecture, you will limit the threat radius and damage of a potential cyber attack and take significant steps toward optimally addressing cyber risks.