Perimeter-based security practices, built on the concept of “trust but verify,” have been rendered obsolete now that IT infrastructures have become borderless. Bring your own device (BYOD) practices, cloud services, mobile everything and digital transformation have created a vast attack surface that cannot be walled off.
In response, organizations are moving from “trust but verify” to zero trust architectures. A zero trust information security framework assumes organizations should not trust any entity inside or outside of their IT infrastructure at any time.
As cited in a Cyber Security Hub article, zero trust architectures are based around the idea of “never trust; always verify” and are “designed to address lateral threat movement within the network by leveraging microsegmentation and granular perimeters enforcement, based on user, data and location.”
Therefore, implementing zero trust requires the ability to process vast amounts of telemetry data. Behavior analytics makes it possible to understand and take action on activity in real time. The combination of trust and analytics will eliminate passwords, which are the biggest headache for companies.
It all begins with context. By collecting context from disparate sources, including structured data, unstructured data and identity information, it’s possible to know who people are, who machines are, what access entitlements they have, and what they are doing in terms of activities and transactions.
All of this security soup can be linked together using algorithms and compared with each user or entity’s baseline behavior patterns — and even those of their peer groups — to generate a continuously updated risk score that increases when anomalies occur. This risk score can be used to create alerts, drive orchestration patterns and provide intelligence to downstream systems.
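As an added illustration (not code from the original article), here is one minimal way to turn the baseline and peer-group comparison described above into a continuously updated risk score that drives an access decision. The telemetry values, peer grouping, weights, thresholds and all function names are assumptions made for the example.

```python
from statistics import mean, pstdev

# Constructed sample telemetry: sensitive-record reads per day, per user.
HISTORY = {
    "alice": [12, 15, 11, 14, 13, 12, 16],
    "bob": [10, 13, 12, 11, 14, 12, 13],
    "carol": [14, 12, 15, 13, 11, 14, 12],
}
PEER_GROUP = {"alice": ["bob", "carol"]}  # hypothetical peer-group mapping

def excess_deviation(value, samples, tolerance=2.0, min_sd=1.0):
    """Standard deviations above the baseline mean, beyond a tolerance band."""
    sd = max(pstdev(samples), min_sd)  # floor avoids blow-up on flat baselines
    return max(0.0, (value - mean(samples)) / sd - tolerance)

def anomaly(user, observed):
    """Blend deviation from the user's own baseline with deviation from peers."""
    own = excess_deviation(observed, HISTORY[user])
    peer_samples = [x for p in PEER_GROUP[user] for x in HISTORY[p]]
    peers = excess_deviation(observed, peer_samples)
    return 0.6 * own + 0.4 * peers  # weights are illustrative assumptions

class RiskScore:
    """Score in [0, 100] that rises on anomalies and decays when behavior is normal."""
    def __init__(self, decay=0.8, gain=10.0):
        self.value, self.decay, self.gain = 0.0, decay, gain

    def update(self, anomaly_value):
        self.value = min(100.0, self.value * self.decay + self.gain * anomaly_value)
        return self.value

def decide(score, step_up_at=30.0, deny_at=70.0):
    """Map the score to a control level for the next request."""
    if score >= deny_at:
        return "deny"
    return "step_up" if score >= step_up_at else "allow"

def replay(user, observations):
    """Feed observations in order; return (score, decision) after each one."""
    risk = RiskScore()
    out = []
    for obs in observations:
        score = risk.update(anomaly(user, obs))
        out.append((round(score, 1), decide(score)))
    return out

if __name__ == "__main__":
    for row in replay("alice", [14, 22, 25, 13, 12]):
        print(row)
```

The baseline here is fixed for brevity; a production system would recompute it over a rolling window so that the score tracks current behavior.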
Getting Started With Zero Trust
There are five main steps for implementing zero trust security: identifying sensitive data, mapping the flows of sensitive data, architecting zero trust microperimeters, continuously monitoring a zero trust ecosystem with security analytics, and embracing security automation and orchestration.
Like any IT project, it’s best to limit the initial implementation of zero trust to a specific use case. This limits the scope of any stumbling blocks and their impact on business operations. Also, working with technology partners experienced in deploying enterprise zero trust architectures can help avoid common pitfalls associated with do-it-yourself deployments.
Security-savvy organizations are recognizing the benefits of a zero trust architecture for shrinking their attack surface, as well as reducing friction for low-risk users, assets and activities. Meanwhile, the vast sources of data continuously being generated by devices and applications now make it possible to establish the context needed to operate on the “never trust; always verify” security principle.
What’s required, however, is specialized analytics that can transform lots and lots of data into intelligence that is actionable. Put another way, to implement zero trust architectures, we need to understand how risky something is — or how risky someone is — in order to apply the appropriate level of control to each user, entity and request.
Trust your perimeter with caution. Zero trust will ensure your security with verification.