Written by George Wilkes on November 15, 2019
What Is Zero Trust?
The Zero Trust model has taken the industry by storm and redefined how organizations should approach cyber security. Having a grasp on what Zero Trust entails and understanding its importance, will ensure your are a step ahead of the rest.
The days of well-defined network perimeters, centralized IT, and offices are gone. The new reality is a digital enterprise landscape without perimeters in which customers, employees, and partners can connect from any location: a business that is everywhere. Outdated security models built on a trust but verify approach are no longer adequate and are, in fact, dangerous, easily exploited, and unnecessarily complex.
Zero Trust is a paradigm shift toward a never trust, extensively verify mindset — whether a user is privileged or not. According to Jason Garbis, AppGate VP of Products, and Co-Chair, Software-Defined Perimeter working group with the Cloud Security Alliance, “Zero Trust takes a different approach from traditional security — it never grants any type of access, either at a network or application layer — based on assumed trust. It requires that trust be earned through proactive device introspection, identity validation, and contextual analysis that is continuously re-evaluated using a contextual, risk-based approach”. The Zero Trust promise is based on three key security concepts:
- Secure Access – Zero Trust requires an identity-centric approach to authentication. Rather than a simple yes or no to confirm user access based on whether the IP address has privileges, it is dependent on the contextual variables surrounding a user’s access request.
Take a look as Jason discusses the topic in-depth on stage at the 2019 CSA Summit.
- Least Privilege – Once secure access is permitted to a user, the scope of that trust will continue to be limited. Users and devices are permitted to access only approved resources while everything else remains invisible and inaccessible.
With Optiv we discuss reducing attack surface and preventing lateral movement in this webinar.
- Visibility – In order to arm your analysts with timely and accurate data, your Zero Trust efforts should include the ability to view access request details for all North/South and East/West network traffic, empowering your SOC to make quick decisions for faster remediation and identify blind spots.
Understanding the Five Zero Trust Attack Surfaces
For those who prefer a visual, download our Zero Trust Infographic here.
Zero Trust protection can be evaluated across five typical attack surfaces:
- People Users are extensively verified by Zero Trust based on contextual variables, device security posture, and multi- factor authentication, only permitting conditional access to approved resources.
- Workloads The Zero Trust model requires making server ports invisible to prying eyes and further unifies privileged access to and between all heterogeneous environments, automating security to scale with workloads.
- Networks Zero Trust is able to limit access with network segmentation and confines lateral movement, keeping unauthorized resources invisible, across all environments. It ensures all access is trusted by continuously authenticating users and devices.
- Devices With a Zero Trust approach, networks are restricted entry by isolating BYOD and IoT devices to prevent lateral movement. For user devices, it neutralizes attacks and evaluates device security posture as criteria for secure access to workloads and data.
- Data Providing encrypted 1:1 tunnels to secure data flows, Zero Trust security limits and controls access to sensitive databases, and emulates data exfiltration techniques to unearth vulnerabilities before adversaries can take advantage.
Getting Started with Zero Trust
Zero Trust is a transformation of your security operations and supporting technology stack. The market today is ripe with vendors promising Zero Trust and a quick glance at the floor of any industry trade show, offers a first-hand view of the crowded nature of the cybersecurity marketplace.
We urge our customers to adopt a focused approach to Zero Trust, where priorities take precedent over pizazz. Our Zero Trust framework takes a straightforward approach that addresses critical flaws and complexity in today’s security organizations:
- Reducing the Attack Surface
- Securing Access to Critical Systems
- Neutralizing Adversaries
Since significant advancements in IT has left security in the dust, it is natural to want to accelerate your journey to Zero Trust. The AppGate Software-Defined Perimeter, offers a better approach to Network Security to replace or augment legacy solutions incapable of achieving Zero Trust. If you are serious about Zero Trust, we invite you to explore AppGate SDP, take it for a Test Drive or schedule time with an expert.