24 Mar Zero Trust Approach to Network Security
The NSA recently published a cybersecurity guide on “Embracing a Zero Trust Security Model”, that outlines how Zero Trust principles can better prepare cybersecurity professionals to secure sensitive data and enterprise networks. The White House is starting to push federal agencies towards Zero Trust in IT Security, according to Federal Chief Information Security officer Chris DeRusha. Zero Trust is not a new concept but the push for it comes after the well known Solarwinds attack, where up to 18,000 of SolarWinds’ customers downloaded updates that left them vulnerable to hackers. The customers included multiple federal agencies.
Zero Trust – really?
People naturally want to trust people and to be trusted by others, but that mindset cannot apply when it comes down to Network Security, and for good reason.
A Zero Trust model is based on verifying user identities before allowing them to connect to the company’s network. A large number of security breaches is due to human error and the point of the Zero Trust approach is to keep people outside your network until you have verified who they are. This approach makes it easier to keep intruders out of your network and avoid intrusions that can be financially damaging and time consuming.
Zero Trust is not just a specific tool, but an overall approach and framework on how to handle IT Security.
With the increasing sophistication in breaching systems methods in combination with the increase in endpoints within networks, and expansion of infrastructure to include cloud based applications, has made it harder to monitor, establish and maintain secure perimeters.
The approach to Zero Trust is to continually have the mindset that potential attackers exist both within and outside your network. Instead of viewing the attacker as an outside threat, we also should assume the attacker is already on the inside. No device or user should be automatically trusted when using this approach.
The approach: Never trust, always verify – a few examples
Examine all your access controls: Trusted sources no longer exist and every request for access must be authorized, authenticated and encrypted. You should always be under the assumption that attackers might already have access to your network.
Monitor activity in real-time: Consistently monitoring for malicious activity within the network will help prevent attackers lateral movements to other systems in your network. Real-time monitoring is crucial to detect intrusions quickly.
Utilize preventive techniques: Utilize MFA (Multi Factor Authentication) to confirm user identity and increase network security. The number of authentication factors has a direct proportional impact on network security. Reduce the lateral movement from an intruder by granting least-privilege access to users and devices. Utilize microsegmentation to maintain separate access to every part of the network. If a network is compromised the attacker is contained to the breached segment.
Holistic approach with Zero Trust: Zero Trust is not just one tool but a strategy that is incorporated in your overall IT Security Strategy.
The examples above should serve as a basic overview of the topic and there is a lot more to know about the concept of a Zero Trust strategy and how it can help companies protect their networks.
Want to learn more about Zero Trust and how your organization might benefit from it? Don’t hesitate to contact us today!