Supporting the Pillars - What Should be in Your Zero Trust Strategy?
Anyone who moves in security circles is certainly on first-name basis by now with the term “Zero Trust.” The phrase has gone from new coinage to headline status in just a few years, spurred by the limitations of traditional approaches that depend on trusted individuals and perimeters to keep organizations secure.
More than just a hot buzzword, Zero Trust is the idea that no one and nothing should be trusted until it’s been proven worthy of that trust. In a Zero Trust network architecture (ZTNA), every single connection—including those within the network—must be verified. Access to any and every resource is granted on a least privilege basis only.
This differs vastly from the perimeter security model of old, wherein once someone or something was granted access, it was considered safe. It likewise differs from the “trusted user” model, which grants users broad access privileges once they’re signed into the enterprise network. The fallacy of these outmoded security models has been demonstrated time and time again, as organizations continue to fall prey to incredibly damaging cyber attacks – including insider threats.
Enabling Zero Trust - For Real
Zero Trust is the right security approach for modern cloud-based and hybrid environments, where physical perimeters are, if not a thing of the past, certainly not what the future will look like. But while this new security model will carry organizations into the new decade and beyond, it's important to note that Zero Trust is a strategy, not a specific technology. Thus, to implement a Zero Trust approach, organizations need the right set of tools.
It’s no surprise that a whole lot of vendors have laid claim to Zero Trust principles. But while they purport to enable Zero Trust, it’s important to realize that to be a real player in this arena, a solution must offer certain capabilities and characteristics, which we’ll call the Pillars of Zero Trust Network Access.
The Pillars of Zero Trust Network Access
Depending on who you ask, there are between 3 and 5 pillars of a Zero Trust strategy, although, however they are divided, they all encompass the same requirements. For our purposes, we’ll go with the middle ground and take a four-pillar approach:
- All traffic is considered untrusted; everything is treated as suspicious
- Access is granted to users only following authentication and to resources exclusively on a least-privileges, need-to-use basis
- Resources must be accessed securely, regardless of where they are located
- Risk and trust assessment are performed at the earliest stage, as well as throughout the process
It’s these practices, together, that create a Zero Trust network access strategy. So when a vendor claims that their solution helps create Zero Trust, it’s important to understand how the offering aligns with these pillars—if it does at all. Fortunately, there are many solutions that truly help organizations create robust practices based on the above pillars. Here let's look at three solutions that can help deliver elements of Zero Trust Network Access in tangible ways:
The Software Defined Perimeter
The first solution we’ll look at is the Software Defined Perimeter, or SDP. Developed by the Cloud Security Alliance (CSA), this access approach relies on user identity at its core. SDP is essentially a broker that sits between internal resources and users. In order to gain access to a specific resource, a user must meet certain requirements. If they can’t meet them, access is denied.
Moreover, networks are segmented at a granular level to prevent broad access. This means that even once someone has been granted access, they cannot move laterally without authenticating again to gain access to the next needed resource or application. This approach dramatically cuts down on the severity of any attack launched by an insider, since each individual will have access to only a very limited set of resources and data.
Today, the most common way to provide remote access to resources is via VPNs. But while VPNs remain an important part of the traditional perimeter security model, they can’t handle the security challenges of the cloud; for example, they cannot enforce granular, per-application access control.
Users first connect to the exposed IP address of the VPN gateway. Only then, after they have been admitted to the network, are they evaluated for access to specific applications, which permits the user to move deeper in. However, once a user (or an attacker) makes their way past the VPN gateway onto the network, the IP addresses of all resources in the network are visible to them. In an SDP-enabled Zero Trust environment, visibility and access are enabled only after the user is authenticated and permission policies are checked.
Microsegmentation for Application Access
Like SDP, microsegmentation leverages the principles of user identity, authentication and least-privilege access. It adds simplified ZTNA features that enhance security, but does not require wholesale replacement of network infrastructure.
Microsegmentation separates a network into extremely granular segments. Once resources are microsegmented, access to each segment can be restricted based on a user’s identity as well as other factors – such as whether they are trying to access the segment remotely via a VPN gateway or via an internal office connection. Microsegmentation approaches, combined with Identity and Access Management, can be used to essentially create “networks of one” comprising the apps that each specific user is entitled to access. All other users, including cybercriminals, are effectively blocked from apps they are not authorized to use. While apps are still visible to authenticated users, microsegmentation reduces the likelihood that cybercriminals will successfully hack into an app by strictly limiting the number of users, and imposing strong authentication processes.
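The SDP broker and the microsegmentation “networks of one” described above share one control pattern: nothing is visible before authentication, every resource is its own segment, and each request is re-evaluated against identity, entitlement, device posture and session age. The following Python model is an added illustration, not Ericom’s or any product’s code; the users, groups, resources and policy values are constructed for the example.

```python
import hashlib
import hmac
import time
from dataclasses import dataclass

# Constructed sample directory (assumption for this example). A real broker would
# defer to an IdP and use salted password hashing, not a bare SHA-256.
USERS = {
    "alice": {"pw_sha256": hashlib.sha256(b"alice-pass").hexdigest(), "groups": {"finance"}},
    "bob":   {"pw_sha256": hashlib.sha256(b"bob-pass").hexdigest(),   "groups": {"eng"}},
}
# Constructed policy: each resource is its own microsegment, a "network of one" per entitled group.
POLICY = {
    "payroll-app": {"groups": {"finance"}, "needs_managed_device": True,  "max_session_age": 600},
    "git-server":  {"groups": {"eng"},     "needs_managed_device": False, "max_session_age": 3600},
}

@dataclass
class Session:
    user: str
    groups: set
    authenticated_at: float

def authenticate(user, password, now=None):
    """Broker front door: identity is verified before anything else is revealed."""
    rec = USERS.get(user)
    digest = hashlib.sha256(password.encode()).hexdigest()
    if rec is None or not hmac.compare_digest(digest, rec["pw_sha256"]):
        return None
    return Session(user, set(rec["groups"]), now if now is not None else time.time())

def visible_resources(session):
    """Unlike a VPN gateway, the broker lists only the segments this identity is entitled to."""
    if session is None:
        return set()
    return {r for r, p in POLICY.items() if session.groups & p["groups"]}

def request_access(session, resource, managed_device, now=None):
    """Evaluate each request on its own: identity, entitlement, device posture, session age."""
    now = now if now is not None else time.time()
    if session is None:
        return "deny:unauthenticated"
    policy = POLICY.get(resource)
    if policy is None or not (session.groups & policy["groups"]):
        return "deny:not_entitled"        # a lateral move outside the user's own segments
    if policy["needs_managed_device"] and not managed_device:
        return "deny:device_posture"      # trust is assessed per request, not once at login
    if now - session.authenticated_at > policy["max_session_age"]:
        return "deny:reauthenticate"      # the next hop requires a fresh authentication
    return "grant"
```

Each deny reason maps to one of the four pillars: unauthenticated traffic is untrusted, entitlement enforces least privilege per segment, and posture and session-age checks perform the risk assessment throughout the process rather than only at the gateway.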
Remote Browser Isolation
The next element that is crucial for a Zero Trust strategy is Remote Browser Isolation (RBI). To loosely quote Gartner, “The Internet is a cesspool”. Yet users need to regularly access the internet for their work. If your Zero Trust strategy doesn’t address the dangers of the web, it’s missing a critical element of protection. Today, according to Kaspersky, almost 50% of threats emanate from the web. Allowing users to surf the web unprotected is more than just risky: it goes against the very concept of “trust no one”.
With RBI, all content is opened in isolated browsers that are disposed of at the end of each browsing session. Only a clean, interactive, threat-free stream of content is sent to endpoint browsers. This means that no web content, good or bad, is ever trusted to reach the endpoint.
Ericom Shield Zero Trust RBI also isolates websites opened from URLs embedded within emails, as well as files that are attached or linked from emails and websites. Finally, uncatalogued URLs in emails can be opened in read-only mode, to prevent credential theft. RBI thus cuts off the web as a threat vector, which means a significant reduction in the likelihood of a successful attack.
Bringing Home Zero Trust
You know the importance of creating a true Zero Trust strategy. But to do that, it’s important to understand how each solution fits into the framework. Keep the four pillars in mind as you explore potential solutions and you’ll be on your way to building a true Zero Trust strategy.