Zero Trust Security is a security model, now widely applied to cloud environments, that extends no implicit trust to any user, application, service or device by default, whether it sits inside or outside the corporate network. The term was coined in 2010 by Forrester Research analyst John Kindervag.
Industry studies (for example IBM's annual Cost of a Data Breach report) have put the average cost of a single data breach above $3 million. Zero Trust Security is an additional layer of defense that limits how far a breach can spread once an attacker has a foothold, which is a strong motivation for organizations to adopt a Zero Trust policy.
The Zero Trust Approach
Zero Trust Security is a shift away from the traditional IT security strategy of “trust but verify”, to “never trust, always verify.” In the Zero Trust model, no user or device is trusted to access a resource until their identity and authorization are verified.
This applies not only to every person or endpoint outside the network, but also to those that would normally be considered inside it, such as an employee on a company laptop working remotely from home or from a conference abroad. Having accessed the network before, even many times, makes no difference: identity is not trusted until it is verified again. Every machine, user and server is assumed untrusted until proven otherwise.
Simply put: a Zero Trust architecture trusts no one and nothing by default, whereas traditional IT network security trusts anyone and anything already inside the network.
Zero Trust in practice
Zero Trust Security requires all users, whether inside or outside the organization’s network perimeter, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted access to resources on a private network, such as applications and data.
Trust must first be established based on the entity's context and security posture, then continually reassessed for every connection, regardless of whether the entity has already been authenticated before.
Zero Trust Security assumes that there is no traditional network edge that clearly separates the outside and inside of a network; networks can be local, in the cloud, or a combination or hybrid with resources anywhere as well as workers in any location. This makes it ideal for strengthening cloud security.
While Zero Trust Network Access (ZTNA) is one of the main technologies associated with Zero Trust architecture, Zero Trust security is a holistic approach to network security with several different principles and technologies.
Recognized bodies have published guidance to help organizations align with Zero Trust; the reference architecture most often cited is NIST Special Publication 800-207, Zero Trust Architecture.
Why is a Zero Trust security model needed?
Traditional IT Network Security before Zero Trust Security
Before the concept of Zero Trust, traditional IT network security adopted a castle-and-moat security model.
In this model, just like attempting to cross a moat to enter a castle, it is difficult to access the network from outside the network, but once inside, everyone within the network is trusted by default. The approach to cybersecurity considers everyone outside the "moat", the network perimeter, as "bad", and everyone inside as "good".
Following the “trust but verify” model, traditional network security automatically trusted users and endpoints within the organization’s perimeter: if someone presented valid credentials, they were admitted to whichever site, application or device they requested.
Problems with traditional IT network security
The castle-and-moat model, however, increased exposure to malicious insiders and to legitimate accounts compromised and taken over by external attackers. Once inside the network, an attacker could reach resources and high-value business assets such as customer data, or launch malware and ransomware attacks. The once trusted enterprise zone of control effectively dissolved, leaving many organizations more vulnerable to data breaches and other attacks.
Problems arising with the digital transformation of the current workforce
The vulnerabilities of traditional IT network security are worsened by transformations in the modern workplace triggered by the Covid-19 pandemic in 2020, such as:
mass cloud adoption to store information off-premises
the increasing distribution of the work environment to enable remote work
With the modern workforce now increasingly mobile, the network perimeter no longer exists in the way it used to. Where people do their work has now moved beyond the four walls of an office, and outside of a single business perimeter. Users and applications are now just as likely to be outside of the network as they are inside.
Additionally, information is now spread across cloud vendors instead of storing data in just one place. This, coupled with workers accessing applications and cloud services from multiple devices outside of the business network, introduces more weaknesses in the perimeter that malicious actors can exploit, making security more difficult.
Therefore, the Zero Trust Security framework uniquely addresses modern digital transformation and business challenges in the current state of the workplace. It secures infrastructure and data for remote workers, hybrid and multi-cloud environments, and prevents cybersecurity threats enabled by gaps in traditional IT network security.
Key Principles of Zero Trust Security
Zero Trust Security seeks to address the following key principles:
1. Continuous verification: Always verify access, all the time, for all resources.
2. Limit the “blast radius”: Minimize impact if an external or insider breach does occur.
3. Automate context collection and response: Incorporate behavioral data and get context from the entire IT stack (identity, endpoint, workload, etc.) for the most accurate response.
Continuous Verification
Based on the principle of "never trust, always verify", Continuous Verification as part of Zero Trust Security does not trust any entity at any time by default, including zones, credentials or devices. To continuously monitor and verify an extremely broad set of assets, several key elements must be in place:
Risk based conditional access: Workflows are only interrupted when risk levels change, allowing continual verification, without sacrificing user experience.
Granular context-based policies to protect data: Zero Trust policies verify access requests and rights based on context, which covers user identity, device, location, type of content, and the application being requested. These policies must be adaptive, continually reassessing user access privileges when the context changes.
Rapid and scalable dynamic policy model deployment: This enables the deployment of granular context-based policies as previously stated. It also allows policies to account for other factors such as risk, compliance and the IT requirements of individual organizations regarding frequently moving workloads, data and users.
Limit the Blast Radius
If a breach does occur, minimizing its impact is critical. Zero Trust accomplishes this by limiting the attack surface, which here means the set of credentials and access paths available to an attacker, so that systems and people have more time to respond and contain the attack.
Ways to limit the radius include:
Identity based segmentation: Segment by user and workload identity rather than by network address. Traditional network-based segmentation is hard to maintain operationally because workloads, users, data and credentials change often, whereas identity-based rules follow the workload wherever it runs.
Enforcing the least privilege principle: Whenever credentials are used, including those of non-human accounts such as service accounts, they are granted only the minimum capability, or least privilege, required to perform the task. This matters because service accounts are frequently granted more privilege than they need and are rarely monitored, which makes them an attractive foothold for an attacker.
Direct user-to-app and app-to-app connections: Users connect directly to the applications and resources they need, never to the network as a whole. This removes the lateral movement that lets a compromised device reach other resources, and because users and applications are not exposed to the internet they are harder to discover or attack. This shrinks the attack surface and reduces risk.
Terminate every connection: Zero Trust solutions built on an inline proxy architecture terminate every connection so that all traffic (including TLS-encrypted traffic) can be inspected in real time before it is forwarded to its destination. This differs from the "passthrough" approach of traditional firewalls, which inspect a file while it is being delivered, so that a malicious file is often detected only after it has already entered the network. Full termination and inspection therefore helps stop ransomware, malware and similar attacks before delivery.
Automate Context Collection And Response
To make the most effective and accurate decisions, more data helps so long as it can be processed and acted on in real-time. Doing so improves the security policies which are part of the Zero Trust Security framework, and automating data collection accelerates the speed at which security policies can adapt to changes.
Data sources include:
- User credentials – human and non-human (service accounts, non-privileged accounts, privileged accounts – including SSO credentials)
- Workloads – including VMs, containers, and ones deployed in hybrid deployments
- Endpoint – any device being used to access data
- Network
- Data
- Other sources (typically via APIs):
  - SIEM
  - SSO
  - Identity providers (such as Active Directory)
  - Threat Intelligence
How does Zero Trust Security work?
Instead of one discrete technology, Zero Trust architecture uses a variety of security controls and principles to address common security challenges using preventive techniques.
Different implementations of its principles include Zero Trust architecture, Zero Trust Network Access (ZTNA), Zero Trust secure web gateway (SWG), and microsegmentation.
As a core concept, Zero Trust Security assumes every component or connection is hostile by default, departing from earlier models based on secure network perimeters.
Zero Trust architecture requires organizations to:
1. Know about all of their service and privileged accounts, and establish controls about what and where they connect.
This requires visibility across on-premises, cloud and IoT environments into the many user and application identity attributes that drive access decisions.
Examples of these attributes are: user identities, credential types and privileges, typical behaviour and connection patterns of devices, endpoint hardware types and applications installed on the endpoint, geolocation, authentication protocols, etc.
2. Continuously monitor and validate that a user and their device have the right privileges and attributes.
This requires control of network flows between all assets, including what and where every service and privileged account can connect. One-time validation will not suffice, because threats and user attributes change constantly in a dynamic, dispersed modern IT environment.
Continuous monitoring and validation of user and device privileges and attributes is therefore essential, and it requires infrastructure able to verify a large number of identities and grant access at cloud scale.
3. Enforce policy that incorporates risk of the user and device.
Such policies must take into consideration compliance or other requirements to consider prior to permitting the transaction. This is accomplished through:
- Granular access policies (application access vs. access to the entire network)
- Least-privilege user access to all applications (IaaS, SaaS, and on-premises)
- Verifying the hygiene of assets and endpoints before they connect to applications.
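The following Python example, added to this page and not taken from any vendor product, models the three requirements above together with the Continuous Verification principle described earlier: a deny-by-default policy decision point that evaluates identity, device posture, location and a risk score for every request, answers with step-up authentication rather than a hard deny when only the risk level has changed, and re-runs the full policy on an existing session whenever its context changes. The resource inventory, group names, thresholds and context attributes are assumptions chosen for illustration.

```python
"""Minimal Zero Trust policy engine (hypothetical example).

Every request is evaluated against identity, device posture, location and
risk signals; nothing is allowed by default, and an already-granted session
is re-evaluated whenever its context changes.  Attribute names, thresholds
and the resource table are assumptions, not any vendor's schema.
"""
from dataclasses import dataclass, replace
from enum import Enum
from typing import Optional


class Decision(Enum):
    ALLOW = "allow"
    STEP_UP = "step_up"   # keep the session but require re-authentication
    DENY = "deny"


@dataclass(frozen=True)
class Context:
    user: str
    groups: frozenset
    mfa_age_s: Optional[int]      # seconds since last MFA, None = never
    account_type: str             # "human" or "service"
    managed_device: bool
    edr_running: bool
    os_patched: bool
    country: str
    resource: str
    risk_score: int               # 0-100, e.g. from UEBA / threat intel feeds


@dataclass(frozen=True)
class Verdict:
    decision: Decision
    reasons: tuple


# Assumed resource inventory: what we protect and which groups may reach it.
RESOURCE_ACL = {
    "payroll-app": {"groups": {"finance"}, "sensitivity": "high"},
    "wiki":        {"groups": {"staff", "finance"}, "sensitivity": "low"},
}
ALLOWED_COUNTRIES = {"US", "DE"}
MFA_MAX_AGE_S = 8 * 3600
RISK_DENY, RISK_STEP_UP = 80, 50


def evaluate(ctx: Context) -> Verdict:
    """Policy decision point: deny by default, report every failing check."""
    reasons = []
    res = RESOURCE_ACL.get(ctx.resource)
    if res is None:
        return Verdict(Decision.DENY, ("unknown resource",))
    # 1. Identity: least privilege by group membership; service accounts never
    #    get interactive access to user-facing applications.
    if ctx.account_type != "human":
        reasons.append("service account may not use interactive apps")
    if not (ctx.groups & res["groups"]):
        reasons.append("user not entitled to resource")
    # 2. Device posture: high-sensitivity resources require a managed, patched
    #    endpoint with EDR running (asset hygiene checked before connecting).
    if res["sensitivity"] == "high":
        if not ctx.managed_device:
            reasons.append("unmanaged device")
        if not ctx.edr_running:
            reasons.append("EDR not running")
        if not ctx.os_patched:
            reasons.append("OS not patched")
    # 3. Location and risk signals gathered from the wider stack.
    if ctx.country not in ALLOWED_COUNTRIES:
        reasons.append(f"country {ctx.country} not permitted")
    if ctx.risk_score >= RISK_DENY:
        reasons.append(f"risk score {ctx.risk_score} above deny threshold")
    if reasons:
        return Verdict(Decision.DENY, tuple(reasons))
    # 4. Risk-based conditional access: stale MFA or elevated (not critical)
    #    risk interrupts the workflow with re-authentication, not a hard deny.
    if ctx.mfa_age_s is None or ctx.mfa_age_s > MFA_MAX_AGE_S:
        return Verdict(Decision.STEP_UP, ("MFA missing or older than policy",))
    if ctx.risk_score >= RISK_STEP_UP:
        return Verdict(Decision.STEP_UP, (f"risk score {ctx.risk_score} elevated",))
    return Verdict(Decision.ALLOW, ())


class Session:
    """A granted session is not trusted forever: each context update re-runs
    the full policy, so a posture or risk change revokes access mid-session."""

    def __init__(self, ctx: Context):
        self.ctx = ctx
        self.verdict = evaluate(ctx)

    def update(self, **changes) -> Verdict:
        self.ctx = replace(self.ctx, **changes)
        self.verdict = evaluate(self.ctx)
        return self.verdict


# Constructed sample request: a finance user on a healthy managed laptop.
BASELINE = Context(user="alice", groups=frozenset({"staff", "finance"}),
                   mfa_age_s=600, account_type="human", managed_device=True,
                   edr_running=True, os_patched=True, country="US",
                   resource="payroll-app", risk_score=10)


def demo():
    """Walk one session through a posture change and a risk change."""
    s = Session(BASELINE)
    first = s.verdict.decision                                   # ALLOW
    after_edr_stop = s.update(edr_running=False).decision        # DENY
    after_risk = s.update(edr_running=True, risk_score=60).decision  # STEP_UP
    return first, after_edr_stop, after_risk


if __name__ == "__main__":
    print(demo())
```

The point of `Session.update` is that a verdict is never cached: the same policy that admitted the user is re-run on every change in posture or risk, which is what "continuously validated" means in practice. A real deployment would feed `Context` from the identity provider, endpoint management and SIEM rather than constructing it by hand.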
Additional functions of Zero Trust Security architecture also include:
- Network segmentation as well as application-layer segmentation
- Authentication and authorization, including multi-factor authentication (MFA), where validation is based on context, such as user, identity, device, and location.
- Edge security
Benefits of Zero Trust Security
1. Reduces the Risk of a Data Breach
Zero Trust architecture inspects every request, authenticates every user and device, and assesses all permissions before granting access, then continually reassesses trust as context changes. Zero Trust models also create one-to-one secure connections that do not allow lateral movement. An attacker who gains a foothold in the environment but cannot establish trust is therefore unable to reach or steal data.
Granular access control over cloud and container environments reduces risk further.
Applied across an IT ecosystem, zero trust can offer granular protection and control over defense areas such as:
- Applications
- Data
- Endpoints
- Identities
- Infrastructure
- Network
This minimizes risk in a number of ways, such as:
- Establishing a baseline of how assets normally communicate in an environment, then eliminating overprovisioned software and services to reduce vulnerabilities.
- Controls that block communication between applications and services until they are authenticated in line with predefined trust principles.
- Microsegmenting the IT network, which confines a breach to a small area and so minimizes the attack surface, reducing cleanup time and recovery cost along with the risk of data breaches.
2. Secure application access for employees and partners to thwart malicious attacks
Zero Trust security lets users and devices connect safely and easily to the applications they need, regardless of where the access request comes from, without the complexity of traditional IT approaches. Zero Trust Security can also proactively identify, block and mitigate targeted attacks. It improves security posture, reduces risk and complexity, lowers the risk of malware, and delivers a consistent user experience through granular security policies.
3. Reduces complexity and saves on IT resources
Enterprise access and security is complex and constantly changing. Changes and deployments with traditional enterprise technologies often take days (and often across many hardware and software components) using valuable resources. A Zero Trust security model can reduce architectural complexity.
4. Most effective IT security strategy in cloud environments and IoT
With remote work now prevalent and workloads spread across cloud environments, a Zero Trust model is currently the most effective way to secure cloud access. Remote work and cloud adoption complicate traditional network perimeters, which have become harder to monitor and riskier to rely on; they are simply no longer compatible with today's digital business models.
Current IT environments serve users from both inside and outside the network, with data stored both on premises and in the cloud. This makes it essential never to trust a connection without proper visibility and verification of the user and device. Doing so reduces the risk posed by vulnerable devices, including IoT devices, and decreases the likelihood of cybercriminals stealing, destroying or ransoming sensitive business data such as personal identities, intellectual property (IP) and financial information. Maintaining internal IT security therefore becomes much easier.
In conclusion, the Zero Trust Security model is better suited to securing modern IT environments than traditional perimeter-based approaches.
Specific Use Cases for Zero Trust Security
Zero Trust Security is a comprehensive security solution for a variety of devices and systems. A few specific use cases for Zero Trust include:
1. Addressing specific key threats
Specific threats include:
- Ransomware – a two-part problem involving code execution on an endpoint and compromise of an identity that the malware then uses to spread
- Supply chain attacks – typically enter through a trusted third-party vendor, software update or integration, and frequently land on unmanaged devices or remotely working privileged users
- Insider threats – misuse of legitimate access by a user inside the network, whether a malicious employee or an account taken over through social engineering. Detecting this relies on behavioral analytics, which is harder for remote users whose baseline behavior is more varied.
2. Protect complicated infrastructure deployment models
These can include some or all of:
- Hybrid and multiple clouds
- Multiple identities
- Unmanaged devices
- Legacy systems
- SaaS apps
3. Supporting Compliance Initiatives
With Zero Trust Security, user and workload connections are not exposed on the open internet, which simplifies compliance with requirements such as PCI DSS and alignment with the NIST SP 800-207 Zero Trust Architecture guidance, while supporting smoother audits.
Zero trust microsegmentation enables you to create perimeters around certain types of sensitive data using granular controls to separate regulated and non-regulated data. Should a data breach occur, or during audits, microsegmentation provides superior visibility and control compared to flat network architectures.
4. Gain Access Control over Cloud, Multi-cloud and Container Environments
Zero trust security policies are applied based on workload identity, unaffected by IP addresses, ports, and protocols. Hence, protection is tied directly to the workloads themselves and remains constant even as the environment changes, largely simplifying the access management, visibility, and general workload security challenges associated with cloud service providers and containers.
Therefore, a Zero Trust network is able to verify any request, no matter its source or destination. It can also help reduce the use of unauthorized cloud-based services (also known as "shadow IT") by controlling or blocking the use of such apps.
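The following Python example is added here and is not code from any product; it illustrates the workload-identity point above, and the identity-based segmentation and least-privilege items under "Limit the Blast Radius". A callee authorizes each app-to-app request by the caller's attested workload identity (a SPIFFE-style URI assumed to have been taken from a verified mTLS client certificate) and a per-pair allowed-operation list, never by source IP. A legacy flat-network IP allow-list is evaluated alongside it to show where the two disagree: the identity names, the internal CA name, IP addresses and the policy table are all constructed for this example.

```python
"""Identity-based microsegmentation (hypothetical added example).

App-to-app connections are authorized by the caller's cryptographically
attested workload identity and a least-privilege operation list, not by
source IP, port or protocol.  Identities, issuer names, addresses and the
policy table are assumptions constructed for illustration.
"""
from dataclasses import dataclass
from typing import Optional

TRUSTED_ISSUERS = {"spiffe-ca.example.internal"}   # assumed internal CA name

WEB = "spiffe://example.internal/ns/shop/sa/web"
ORDERS = "spiffe://example.internal/ns/shop/sa/orders"
DB = "spiffe://example.internal/ns/shop/sa/db"
REPORTING = "spiffe://example.internal/ns/ops/sa/reporting"
CA = "spiffe-ca.example.internal"

# Policy keyed by (caller identity, callee identity) -> allowed operations.
# Any pair absent from the table is denied (default deny).
SEGMENT_POLICY = {
    (WEB, ORDERS):      {"GET /orders", "POST /orders"},
    (ORDERS, DB):       {"SELECT", "INSERT"},
    (REPORTING, DB):    {"SELECT"},            # read-only role, least privilege
}

# Legacy flat-network rule for comparison: "anything in 10.0.1.0/24 may reach db".
LEGACY_IP_ALLOW = {DB: "10.0.1."}


@dataclass(frozen=True)
class ClientCert:
    """Subset of a client certificate already verified by the mTLS layer."""
    issuer: str
    spiffe_id: str


@dataclass(frozen=True)
class Request:
    cert: Optional[ClientCert]   # None when the peer presented no certificate
    src_ip: str
    dst_id: str                  # the callee's own workload identity
    operation: str


def authorize(req: Request) -> tuple:
    """Identity-based decision: returns (allowed, reason).
    The source IP is deliberately never consulted."""
    if req.cert is None:
        return False, "no client certificate: unauthenticated peer"
    if req.cert.issuer not in TRUSTED_ISSUERS:
        return False, f"untrusted issuer {req.cert.issuer}"
    allowed_ops = SEGMENT_POLICY.get((req.cert.spiffe_id, req.dst_id))
    if allowed_ops is None:
        return False, f"no segment policy for {req.cert.spiffe_id} -> {req.dst_id}"
    if req.operation not in allowed_ops:
        return False, f"{req.operation} not in least-privilege set {sorted(allowed_ops)}"
    return True, "identity and operation permitted"


def legacy_authorize(req: Request) -> bool:
    """IP-based decision a flat network would make; shown only for contrast."""
    prefix = LEGACY_IP_ALLOW.get(req.dst_id)
    return prefix is not None and req.src_ip.startswith(prefix)


def scenarios() -> dict:
    """Constructed traffic: legitimate callers, a rescheduled workload, and
    an attacker who inherited a formerly trusted IP.  Each value is
    (identity-policy result, legacy IP-ACL result)."""
    legit = Request(ClientCert(CA, ORDERS), "10.0.1.5", DB, "INSERT")
    moved = Request(ClientCert(CA, ORDERS), "10.0.7.42", DB, "INSERT")   # same workload, new IP
    squatter = Request(None, "10.0.1.5", DB, "SELECT")                   # attacker on the old IP
    forged = Request(ClientCert("evil-ca", ORDERS), "10.0.1.5", DB, "SELECT")
    overreach = Request(ClientCert(CA, REPORTING), "10.0.3.9", DB, "INSERT")  # read-only role writing
    return {
        "legit": (authorize(legit)[0], legacy_authorize(legit)),
        "moved": (authorize(moved)[0], legacy_authorize(moved)),
        "squatter": (authorize(squatter)[0], legacy_authorize(squatter)),
        "forged": (authorize(forged)[0], legacy_authorize(forged)),
        "overreach": (authorize(overreach)[0], legacy_authorize(overreach)),
    }


if __name__ == "__main__":
    for name, (identity_ok, ip_ok) in scenarios().items():
        print(f"{name:10s} identity-policy={identity_ok!s:5s} ip-acl={ip_ok}")
```

The "moved" and "squatter" cases are the ones that matter: when the orders service is rescheduled to a new address the IP rule breaks while the identity rule still allows it, and when an attacker lands on the address the service used to hold the IP rule admits them while the identity rule does not. The "overreach" case shows least privilege applied to a workload rather than a user.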
5. Rapidly onboarding new parties into a network
Zero Trust networks can quickly and securely onboard new parties, such as new internal users, third parties, and external contractors.
The ability to onboard many new internal users makes Zero Trust Security ideal for rapidly-growing organizations. In contrast, other IT approaches such as VPNs may need to increase capacity to accommodate large numbers of new users.
Additionally, Zero Trust can also quickly onboard external parties by extending restricted, least-privileged access to their devices not managed by internal IT teams.
6. Securely supporting remote work
Zero Trust architecture extends secure access control to users and devices connecting from anywhere, across single or multiple clouds. Hence, it is able to safeguard and facilitate remote work across the globe, regardless of location.
Every organization has unique challenges arising from its business, its digital transformation maturity, and its current security strategy. Zero Trust Security, if implemented properly, can be adjusted to meet those specific needs while still delivering a return on investment in your security strategy.
How to implement Zero Trust Security
Firstly, when designing a zero trust architecture, your security and IT teams should focus on answering two questions:
- What are you trying to protect?
- From whom are you trying to protect it?
This strategy will inform the way you design your architecture. Next, the most effective approach is to layer technologies and processes on top of your strategy, in the following few stages.
Visualize – understand all of the risks involved with your resources, users, devices, and their access points.
Mitigate – detect and stop threats, or apply Zero Trust architecture to mitigate the impact of the breach in case a threat cannot be immediately halted.
Optimize – extend Zero Trust Security protection to every aspect of the IT infrastructure and all resources regardless of location while optimizing the user experience for end-users, IT, and security teams.
Gartner, which defined the Zero Trust Network Access (ZTNA) category, recommends consuming zero trust as a service delivered under that model. Zero Trust Security can also be applied in phases, beginning with either your most critical assets or a test case of non-critical assets, before implementing zero trust more broadly.
Ready to safeguard your business data and assets from the threats of a dynamic multi-cloud environment? Whatever your starting point, Hi Cloud will tailor an optimal Zero Trust Security solution to your needs to offer you immediate returns in risk reduction and security control. Contact us today.