Gartner: “By 2023, 60% Of Enterprises Will Use the Zero Trust Security Model”
The research company Gartner, in its status report Zero Trust Architecture and Solutions, predicted the future of ZTA. By 2023, 60% of organizations will use a Zero Trust security model instead of virtual private networks. This is because the network infrastructure of enterprises is becoming more complex, and many employees work remotely. There are more loopholes for hackers to break into a corporate network and steal data. The Zero Trust approach to cybersecurity is designed to protect businesses from today’s threats. Let’s take a closer look at how it works.
Why new methods of protection are needed
Traditional security methods are based on logins and passwords for entering a corporate network. Firewalls prevent unauthorized persons from entering the system. Virtual private networks (VPN) controlled by IT departments strengthen protection.
When employees began to work remotely using tablets and smartphones, the security situation changed. Now it has become more difficult to allow access to corporate information only through company computers.
The transition to cloud infrastructure is another challenge: new yet not always reliable ways of exchanging data have appeared. IT professionals often block any suspicious traffic, which prevents remote work.
Sometimes hackers gain access to data through employees themselves. Malefactors send phishing letters, get logins and passwords, and access corporate networks.
Awareness of the fact that threats can come not only from the outside but also from the system itself, led to the emergence of the concept of Zero Trust in cyber resilience.
Zero Trust: a way to strengthen corporate security
Today, companies are rethinking the security of corporate networks, starting from the principles of Zero Trust.
Zero Trust is not a system or program, but rather a set of rules and guidelines on how to secure a corporate network. The essence of the concept is “trust but verify”. And more precisely, “first check, then double-check and keep checking until you reach Zero Trust”.
When people first implemented network security, they created a perimeter within which everyone trusted each other and had shared access to resources. The concept of Zero Trust, on the contrary, is based on a distrust of everyone and everything that is inside or outside the network perimeter.
Zero Trust security vendors evaluate anyone who tries to connect to the system, be it a local, cloud, combined, or hybrid one.
Source: microsoft.com
Zero Trust Model Philosophy
Zero Trust model users adhere to the following principles:
1. Permanent access control.
There are no reliable sources in the Zero Trust model, all of them are questioned. Each request to access a system is authenticated, authorized, and encrypted.
2. Preventive methods of protection.
To stop or mitigate intrusions, Zero Trust security vendors use a combination of the following ways of protection:
- multi-factor authentication,
- least privilege access,
- microsegmentation,
- email protection,
- orchestration,
- encryption,
- cloud access security brokers, etc.
3. Regular monitoring of threats.
This is important to shorten the “breakout time” — the gap between when a hacker breaks into the first system and when they move on to other systems on the network. Constant monitoring helps to repel threats when their scale is still minimal.
4. Consistency with the security strategy.
The Zero Trust security model is part of a comprehensive cyber resilience strategy that involves monitoring and addressing threats. Companies also check and update old authentication protocols, and fix and update all devices, programs, and firmware as soon as critical vulnerabilities are found.
Source: xylos.com
Zero Trust as a Security by Design representative
The concept of Zero Trust represents built-in security (Security by Design).
Security by Design means implementing security from the beginning of development to make a product as resistant to vulnerabilities as possible. To do this, developers use DevOps, the CI/CD pipeline, continuous testing, secure authentication, and other practices.
With the Zero Trust method, it turns out that in a secure system, trusted applications are created by default. Such protection is difficult to crack.
4 steps to implement a Zero Trust model
Since companies have different IT infrastructures, there is no standard approach to implementing Zero Trust. Each company must evaluate its capabilities and risks of threats to understand what methods and tools can protect the corporate system.
Here are some general guidelines for getting started with Zero Trust:
1. Evaluate your current security system.
Review all company credentials, delete irrelevant entries, and check access rights. Analyze existing security tools and infrastructure weaknesses.
2. Create a data catalog and compare the streams of reception and transmission of information.
Determine where corporate information is located and which users need access to it, how many service accounts you have, and where to connect them.
You should check the authentication protocols and resolve connectivity issues with legacy systems. Make a list of all cloud services and open access to low-risk resources. Delete outdated accounts and make sure you change your passwords regularly.
3. Perform preventive maintenance.
Implement multi-factor authentication and give users the least possible level of access. If hackers access the network, they will not be able to go beyond the established privileges.
Microsegmentation is also effective: the network perimeter is divided into zones, and users need access to each of them.
4. Provide continuous monitoring of the network.
Regularly check, analyze, and log traffic and data. Note anomalous activity and suspicious traffic in the authentication logs.
Source:protiviti.com
Roadblocks to Zero Trust
These steps to implement a Zero Trust model seem logical and understandable, but in practice, companies face the following difficulties:
Technical debt. When a company works with its own outdated programs, it gets into a situation of technical debt, which prevents the implementation of Zero Trust.
Legacy systems for which the least possible level of access cannot be granted. Such systems are more difficult to monitor: you can register request protocols and network traffic, but the ability to respond to them is limited.
P2P technologies. In order not to reduce bandwidth, the developers of Windows 10 created peer-to-peer technology for sharing updates between peer-to-peer systems. This movement of data is not controlled, which contradicts the Zero Trust model. Therefore, if the organization has P2P or mesh networks, it will be more difficult to implement the Zero Trust model.
Financial restrictions. Cloud, DevOps, and IoT alone do not support the Zero Trust security model, which requires additional technologies.
Conventional thinking. Another challenge when moving to Zero Trust is getting employees to think in new ways. IT professionals trust proven technologies. When operating under the Zero Trust model, they need to change their mindset and question all members of the corporate network.
Conclusion
Strengthening IT infrastructure can be a challenge for users. To observe the balance of security and convenience, flexible approaches to protection are needed. Zero Trust can make a company immune to cyber threats.
If you want to enhance your company’s cyber security, contact a reliable software development company and it will provide the best protection for your business.