Zero Trust Model
What is the Zero Trust Model?
Traditional security models rely on a perimeter to secure the network, using access control tools like firewalls. However, today’s networks are complex and distributed, consisting of numerous interconnected network components like public clouds and endpoints like laptops, mobile phones, and Internet of Things (IoT) devices.
The zero trust model enables enterprises to secure complex networks by adopting a “never trust, always verify” approach. The goal is to allow remote and complex connectivity without compromising security by applying strict access mechanisms. Zero trust security implementations usually start with mapping out “protect surfaces” and defining least privileges.
What Are the Prerequisites for a Zero Trust Model?
Organizations that want to implement a zero-trust security framework must address the following issues first:
- Identify sensitive data and systems—zero trust requires mapping out an organization’s “protect surfaces”: understanding where sensitive data lives and who should have access to it.
- Define least privileges—moving to a zero-trust security model places restrictions on the users, devices, applications, and processes that access the identified data. This requires a careful review of business processes to discover what each business role should be able to access on a “need to know” basis.
- Establish rapid threat detection and response—to adopt zero trust, an organization must be able to monitor threats in real time and respond rapidly. The ability to respond to incidents automatically is critical to an effective implementation.
Zero Trust Model: Practical Considerations
The 3 W’s – Workforce, Workplace and Workloads
Traditional security models implement security according to location: they set up a perimeter and then protect it by restricting who is allowed to enter. Modern networks are complex architectures without a clear perimeter and require a different security approach.
The zero trust model offers security mechanisms that do not rely on a perimeter. Instead, zero trust implementations aim to protect the network from the 3Ws—workforce, workplace, and workloads. None of the Ws should be trusted because they can threaten the network.
The workforce is composed of employees, and the risks associated with it are typically classified as insider threats. For example, threat actors can steal employees’ credentials to commit fraud or breach a system. Zero trust security can help minimize the risks posed by insider threats, mainly by protecting users and devices against identity-based attacks like phishing scams.
Here are several security best practices and technologies that can help protect the network against workforce threats:
- Multi-factor authentication—helps verify the identity of users, offers visibility into all devices, and enforces policies that secure access to all applications. These capabilities help ensure only legitimate users and devices are granted access to the network.
- Single sign-on (SSO)—enables access to all enterprise systems through one authentication mechanism, accessible from any device or location. Modern SSO solutions can provide unified access to systems across hybrid infrastructure.
- Device posture check—ensures that devices connecting to enterprise systems meet minimum security requirements, for example by verifying that a device is not running a vulnerable software version, has the relevant security patches installed, and is running antivirus software.
Workloads are susceptible to vulnerabilities caused by misconfigurations, malicious attacks, and other threats. A workload can introduce threats into the network, allowing malicious software (malware) to cause damage in specific locations or move laterally across the network. Zero trust security can help minimize the attack surface.
Implementing zero trust for workload protection usually involves protecting and controlling the flow of information moving across the network. However, application workload protection can be complex in modern architectures, such as multi-cloud and hybrid-cloud deployments that transmit data between on-premises data centers, endpoints, and cloud environments.
Here are several practices to consider when implementing zero trust for workload protection:
- Microsegmentation—helps contain threats within one segment of the network to prevent lateral movement.
- Machine learning—provides automation and intelligence to identify abnormal workload behavior and reduce the attack surface proactively.
Workplaces of the past were restricted to brick-and-mortar buildings. Today’s remote work paradigms have created a distributed workplace that is no longer restricted to a specific location. This type of workplace relies on connectivity to enable the workforce to access network resources, and each connected device can potentially introduce threats into the network.
The zero trust model protects the network against endpoint threats while allowing users to access network resources, typically by implementing software-defined access. It helps ensure that IT and security teams can still gain visibility into users and devices despite the lack of a perimeter. This visibility enables teams and tools to identify threats and control all connections established within the network.
Leverage Modern Tools and Architecture
In many cases, traditional network security tools do not meet the requirements of an end-to-end zero trust model. This means traditional tools must be replaced or complemented by more advanced tools that provide additional layers of security.
Here are a few examples of tools commonly used to meet the requirements of a zero trust framework:
- Network micro-segmentation
- Next generation firewall (NGFW)
- Single sign-on (SSO)
- Multi-factor authentication (MFA)
- Advanced threat protection solutions such as eXtended Detection and Response (XDR)
Apply Detailed Policies
Once an organization establishes the skills and technologies needed to build a zero-trust framework, actual implementation comes down to defining and implementing policies that can be applied to a variety of security tools.
A zero trust policy is a set of rules that allows access to specific resources according to strict standards. The policy should describe precisely which users, devices and applications can access which data and services, from where, via which devices or networks, and when. Once policies are set, administrators can configure security tools to accept connections meeting the authorization rules in the policy and deny all others.
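As an added example (not code from the original article), the following minimal Python policy evaluator shows how the device posture check described earlier and a default-deny rule set of the kind this section describes fit together: a request is granted only when the device is compliant and an explicit rule matches the role, resource, source network and time of day. The resource names, roles and network labels are constructed for illustration.

```python
from dataclasses import dataclass
@dataclass
class DevicePosture:
    managed: bool              # enrolled in device management
    patched: bool              # relevant security patches installed
    antivirus_running: bool
    vulnerable_software: bool  # a known-vulnerable software version is present

@dataclass
class AccessRequest:
    user: str
    role: str
    mfa_verified: bool
    device: DevicePosture
    source_network: str        # "corp", "vpn" or "internet" (labels are assumed)
    resource: str
    hour: int                  # hour of day (a real system would carry a full timestamp)

@dataclass
class Rule:                    # one explicit allow rule: who, what, from where, when
    resource: str
    roles: frozenset
    networks: frozenset
    hours: tuple               # (first_hour, last_hour), inclusive, 24h clock
    require_mfa: bool = True

def device_compliant(d: DevicePosture) -> bool:
    return d.managed and d.patched and d.antivirus_running and not d.vulnerable_software

def evaluate(req: AccessRequest, rules: list) -> tuple:
    """Return (allowed, reason). Only an explicit matching rule grants access."""
    if not device_compliant(req.device):
        return False, "device posture check failed"
    for rule in rules:
        if rule.resource != req.resource or req.role not in rule.roles:
            continue
        if req.source_network not in rule.networks:
            continue
        first, last = rule.hours
        if not first <= req.hour <= last:
            continue
        if rule.require_mfa and not req.mfa_verified:
            return False, "MFA required"
        return True, "matched rule for " + rule.resource
    return False, "no matching rule (default deny)"

POLICY = [  # constructed sample policy
    Rule("hr-db", frozenset({"hr-analyst"}), frozenset({"corp", "vpn"}), (8, 18)),
    Rule("wiki", frozenset({"hr-analyst", "engineer"}), frozenset({"corp", "vpn", "internet"}), (0, 23), require_mfa=False),
]
```

Every denial carries a reason, so the same evaluator output can feed the monitoring and alerting described below.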
Monitor and Alert on Anomalies
The goal of zero trust is not only to minimize unauthorized access, but also to identify and stop anomalous access in real time. This requires putting robust monitoring and alerting in place, which enable security personnel to react to security incidents, understand whether current policies are effective, and identify exploited vulnerabilities.
It’s important to remember that even with a zero trust framework, nothing is completely secure. The organization must be able to capture malicious activity when it occurs. Leverage automated incident response capabilities, such as security orchestration, automation and response (SOAR), to run automated playbooks when zero trust systems detect an anomaly.