We Live Data Security

Nerd Out On Our Latest Thoughts

Zero-Trust Architecture: What is it and why should you care?

[fa icon="calendar"] May 20, 2019 2:16:28 PM / by Carl Keyser

hamster-690108-1200x795
(Not an actual emotional support hamster...)
 
If you're like most people, the thought of your sensitive business data being stolen by some creep (that probably spends their entire day in pajama pants covered in Cheeto crumbs) is both infuriating and panic-inducing.
 
 
You've got two choices: 
 
1. You can either go to your doctor and have them increase the dosage on your anti-
    anxiety medication and write a note that lets you take a support animal on planes while
    you travel, ultimately ignoring the problem altogether.*
 
- or -
 
2. Do something about it. Shake off your own Cheeto crumbs and develop a healthy,
    robust cybersecurity posture.
 
One of the things you might want to consider as you develop that healthy, robust cybersecurity posture is a Zero-Trust architecture.
 
What is Zero Trust Architecture?
 
Traditional information security models still operate under the belief that everything that's inside an organization's network is a-ok, should be there and can absolutely be trusted.
 
We know that's not the case. In the IoT era and with all the unapproved devices that might be operating inside the confines of your network, you need a better solution. The idea that only the perimeter needs to be protected is outdated and, more importantly, unsafe.
 
Zero-Trust rectifies that. Zero-Trust is based on the principle that you should "never trust, always verify." By using micro-segmentation and granular perimeter enforcement, Zero-Trust Architecture is designed to stop threats that may laterally move within a network.
 
Why does that matter?
 
When an attacker moves laterally through a network, they're typically searching for valuables. Assets, data, stuff they can sell. Traditionally, businesses would define sub-perimeters within their organization's network that are designed to help identify the way an attack might spread and stop unrestricted lateral movement throughout the network.
 
This is important for a few reasons, but one in particular; the attacker's point of ingress is not where they find what they're looking for. They'll typically need to move around, inside the perimeter to find the goods so to speak.
 
With a properly implemented Zero-Trust Architecture, you're limiting an attackers ability to move laterally across your network. Simply you trust no one without verification.
 
So Why Zero-Trust?
 
With Zero-Trust you're treating all hosts as if they're internet facing and that potentially, each one could compromise the entire network. It's crucial to distinguish who your users are, which applications they are trying to reach, and if the action is considered an appropriate session. 
 
With a properly implemented Zero-Trust Architecture, you're limiting an attackers ability to move laterally across your network. Simply put, you trust no one without verification.
 
Things to Consider Regarding Implementing a Zero-Trust Architecutre
 
I can't stress the importance of visibility enough...
 
Having visibility to the applications, users, and data flow is integral. You need to understand who your users are, what applications they are using/trying to access, and what means of connection the attacker is using to do so. Without doing that you'll never be able to develop or enforce a successful security policy that ensures secure data access.
 
Make Sure that data and resources are accessed securely. Base that access on user and location. One of the keys to successfully using a Zero-Trust architecture is knowing what your traffic looks like and how your data moves throughout your business's systems.
 
Leverage your company's policies to identify and allow or deny traffic that moves through specific junction points. This will enable the segmentation of your sensitive resources and help you establish boundaries that can be used to prevent those resources from being stolen.
 
Using third-party access management tools like Idaptive and Fortinet's FortiNAC offering can help you do both. Idaptive lets you implement an identity and access management solution that makes for applying a principle of least privilege solution easier.
 
We're actually hosting a webinar with FortiNAC on June 6th at 11 a.m. to dive a bit deeper into how product maintains visibility across your ecosystem. If you're interested, you can use this link to register: https://mailchi.mp/5a54d5cd99ad/paheulxp9b
 
Like this blog article? Feel hearing more from us? Use the CTA in the upper right-hand portion of the web page to subscribe to Security7 Network's weekly blog articles. You won't regret it, and I promise we won't spam your inbox.
 
*Seriously, nobody wants to see a drugged-up, over-anxious adult who's cradling their emotional support hamster, rocking back and forth as the airplane wheels lift off the ground.

Topics: Idaptive, FortiNAC

Subscribe to Email Updates

Lists by Topic

see all