CISOs and network managers need to know which users can be trusted, and whether or not a workload might be compromised. Simple network monitoring and a few scattered enterprise security measures are no longer enough.
Architectural shifts to cloud services -like AWS and Azure- along with the growth of SaaS, IaaS, and Pass, the ‘container revolution’ and other technological transitions exacerbate the issue. These infrastructures are now everywhere. The assumption of inherent trust in your network is becoming more false than ever before.
The same is true in relation to users and their devices, which are now ‘everywhere. Devices can access sensitive data and applications through VPN or direct means. The rules of ‘access’ have changed and with that, risk exposure has increased.
What is a network manager to do?
Zero Trust Segmentation and the Zero Trust Framework
One answer is for organizations to adopt a Zero Trust Framework. As a reminder, the Zero Trust Framework is not a technology. It’s an architectural model. A subset of the Zero Trust Framework is known as the Zero Trust Network Access model -originally developed by John Kindervag during the 2010s- is a strong candidate.
A core tenant of the model is the well-known phrase, “Never trust, always verify, for each connection in the network.” This concept asserts that no device, user, or workload should be trusted by default. It doesn’t matter if the source is inside of the security perimeter.
More on the Zero Trust Framework
The Zero Trust framework is defined as ‘the trust contract between the consumer and provider’. This approach is focused on users (identities) and applications/data (workloads).
Since its introduction, it has evolved significantly and is now a useable framework that provides IT and Security with a chance to implement Zero Trust architecture in a pragmatic way.
Zero Trust considerations
- Assume that no portion of a network merits trust. Assume that a data breach will occur.
- The disappearance of “inside” vs. “outside” means that we assume the existence of both internal and external threats on all components of the network.
- Zero-Trust is highly granular. Only the minimum possible access (least privilege) is granted to the smallest resource unit.
- Zero-Trust is dynamic. Trust is constantly reassessed throughout the interaction between the user and the requested resources.
- Zero-Trust is end-to-end. Security stretches from the requesting object to the resource requested.
- Zero-Trust is detached from preexisting classifications. Thus, the terms inside and outside the perimeter are meaningless in the realm of zero-trust.
- Policies should be dynamic and should include more information than the locality of the end-user.
- Organizations should take a default-deny approach to security, meaning that users should never be inherently trusted, but always verified.
- Zero Trust segmentation should be centrally managed – a place to orchestrate the network.
Zero Trust Segmentation: Benefits
1. Lower risk by discovering resources and increasing visibility.
Organizations often fail to track what data they have, where it resides, and how it travels. Due to the high volume of new devices continually added to a network, IT and security teams commonly struggle to achieve 100% visibility. Zero Trust segmentation forces the identification of any device or application on a network that attempts to communicate. The device is automatically assumed untrustworthy. It is automatically disallowed from communications until its identity is verified. In turn, this allows security practitioners to understand what devices exist on the network and which aim to gain access.In addition, because data flows are mapped in a Zero Trust-based approach to segmentation, ops teams obtain increased visibility into ecosystem weaknesses and risks.
2. More control in a cloud environment.
Security practitioners occasionally resist transitions into the cloud due to seeming loss of visibility and lack of control. When a cloud service provider owns the storage space, organizations can only see and do so much to protect their cloud-based data. Or so the thinking sometimes goes. Zero Trust segmentation can assist with this. Zero Trust segmentation works with any network. This includes public and hybrid clouds. Because Zero Trust segmentation is application and workload-centric, security ops teams have a fair level of control over application workloads.
In the event that users or workloads do not meet attribute recognition, the workload is barred from communicating. As a result, hackers then see difficulty in achieving east-west/lateral movements.
3. Lower breach potential.
Because Zero Trust segmentation focuses on the pillars: users, devices, network, workload, and data. This allows security teams to identify and stop malicious data-based activity more easily than before.The Zero Trust model enables the continuous inspection of workload deviations from the intended state. It prevents unverified workloads from communicating anywhere on the system. Any application or service is inherently untrusted until verification occurs. After verification, communication continues on a ‘need-to-know’ basis. In other words, access remains restricted to those who require access.
Creating ‘distrust’ of devices decreases breach potential, and overall security risk. It also minimizes potential attack cleanup and mitigation expenses, as there will be fewer breaches to manage.
4. Enabling compliance initiatives.
Zero Trust is an enabler for compliance initiatives. A Zero Trust architecture can help auditors communicate directly with executive teams, helping to prevent extended business disruption and financial repercussions due to failed audits. Zero Trust segmentation enables auditors to quickly see application data flows and how workloads are communicating -securely- across a network. Zero Trust segmentation limits means of network exploitation and results in fewer audit findings.
5. Increase business speed and agility.
Modern enterprises aim to operate at lightning speed. Many feel that security may slow a business down. For example, when a port is blocked or a host server sees removal due to a possible intrusion, employees are unable to access tools for job performance.
6. Identify sensitive data:
Know all of the data assets with sensitive information that needs protection and data and know where it is located.
7. Alleviates organizational friction.
Some security vulnerabilities are nearly impossible to manage with traditional controls. These include vulnerabilities within distributed development and staging environments.
In the past, organizations have taken the ‘bolt-it-on’ at the end approach to security. This approach has not worked well. Zero Trust segmentation negates this approach by enveloping applications in protection.
How to implement a Zero Trust strategy
Identify the data. Know what sensitive data needs protection and know where it is located. This is a critical step in effectively protecting your environment and implementing a Zero Trust architecture strategy.
Discover application flows. This refers to the discovery of the communications between the applications and examining the surface attack.
Define policy. Once organizations can clearly see application flows, the process of creating a Zero Trust architecture policy with a default deny standard rule becomes easier. It also becomes easier to define and spot macro-perimeters, such as those for specific applications.
Enforce. In the past, enforcing a policy presented its own form of risk. Each policy change could result in network outages and availability problems for applications. With a test mode, this threat will disappear and organizations will be able to reach enforcement faster, without risk of breaking applications.
Zero Trust segmentation, when done correctly, enables an organization to track alerts for policy violations in real-time. Organizations can enhance alerting with meaningful, contextual data, encryption of east-west traffic in transparent ways, along with gaining full visibility throughout the application lifecycle.
Monitor and maintain. Retaining and refining enterprise security and implementation requires continual effort. As noted previously, Zero Trust is not a technology. It’s a framework and a process. Given the steps above, your organization should be able to implement Zero Trust segmentation with each new application in your enterprise. Eventually, you should be able to find the optimal workflow over time while following a never trust, always verify approach.
Embrace security automation and orchestration. Only via orchestration and automation will an organization manage to maintain a stable, predictable and reliable network security model.
Would you like more information about zero trust, zero trust segmentation, and zero trust trends? See CyberTalk.org’s past coverage. Lastly, if you would like more authoritative information, timely trend insights, and interviews with experts, sign up for the CyberTalk.org newsletter.