ZTNA: Zero Trust Network Access

Zero Trust Principles: What is Zero Trust Security?

What is Zero Trust?

Historically, many enterprises have adopted a trust-based, perimeter-focused security strategy. By deploying security solutions at the network perimeter, they try to keep threats outside of the network while assuming that anyone inside the network is trusted and should have full access to the organization’s resources. However, this approach to security has several limitations, including the dissolving network perimeter, the potential for insider threats, and the fact that no security solution provides perfect protection.

Zero trust security is designed to address these shortcomings by transitioning to a security strategy based on the concept of “trust but verify.” Instead of granting unlimited access to corporate resources, a zero-trust security strategy provides access on a case-by-case basis. These access decisions are based on role-based access controls (RBACs), where users are assigned only the access and permissions necessary for their job roles.

Moving from the concept to the reality of zero trust requires implementing a zero trust architecture and selecting the tools that will enforce zero trust rules across an enterprise.

An example of one of the critical components of a zero trust architecture is zero trust network access (ZTNA), also known as a software-defined perimeter (SDP). ZTNA/SDP applies zero trust principles to remote network access. Unlike legacy solutions like virtual private networks (VPNs), which provide unrestricted network access to legitimate users, ZTNA/SDP provides access to particular resources on a case-by-case basis.

However, ZTNA is only effective if it can be deployed and enforced consistently across the entire IT infrastructure. The ZTNA capabilities of SASE are answering the needs of an evolving work environment with multiple solutions.

The Importance of the Zero Trust Security Model

Traditional approaches to cybersecurity are no longer effective for protecting against modern cyber threats. Today, ransomware attacks occur on a regular basis, and exploitation of poor authentication and access controls on RDP is the most common infection vector. 52% of US organizations struggle with insider threats, which perimeter-based security solutions are blind to.

Implementing zero trust principles is the most effective way for an enterprise to control access to its IT assets. Zero trust uses a variety of techniques to detect and block common attack vectors, including:

  • Strong Identity Verification: The access decisions made by zero trust security solutions are driven by RBACs. To determine which RBACs should apply, these systems need to validate the identity of the requestor. Zero trust systems include strong user authentication – including multi-factor authentication (MFA) – to verify that the entity making a request is actually who they claim to be and has the right to do so.
  • Behavioral Analysis: Account takeover attacks are a common threat and the source of many ransomware attacks that leverage RDP for initial access. If an attacker can determine the correct credentials for a user account, they can log in to the system. A zero trust system may use behavioral analytics to monitor a user for any anomalies or discrepancies from normal usage, such as logging in from an unusual location or accessing non-standard resources. If such abnormalities are detected, the system can take action to investigate or respond to a potential intrusion.
  • Microsegmentation: Access controls and security policies are largely enforced at network boundaries. This means that perimeter-based solutions have little or no visibility into the network and little ability to enforce internal security. Zero trust security solutions often implement micro-segmentation to create boundaries around each resource and enforce granular security controls.
  • Least Privilege Controls: 53% of US organizations have experienced the theft of privileged user credentials, which can be used to access sensitive resources. Zero trust security is based on the principle of least privilege, which states that users, applications, etc., should only have the bare minimum set of privileges required to perform their job duties.
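
The behavioral analysis item above can be made concrete with a small baseline check. This is an added example, not code from the original page or from any vendor product; the event tuples, user names and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed access events: (user, source_country, resource)
HISTORY = [
    ("alice", "US", "erp"), ("alice", "US", "payroll"), ("alice", "US", "erp"),
    ("bob", "DE", "git"), ("bob", "DE", "ci"),
]
NEW_EVENTS = [
    ("alice", "US", "erp"),      # matches baseline
    ("alice", "RO", "erp"),      # location never seen for alice
    ("bob", "DE", "payroll"),    # resource never used by bob
    ("carol", "US", "git"),      # user with no history at all
]


def build_baseline(events):
    """Record, per user, the locations and resources seen in normal usage."""
    base = defaultdict(lambda: {"countries": set(), "resources": set()})
    for user, country, resource in events:
        base[user]["countries"].add(country)
        base[user]["resources"].add(resource)
    return dict(base)


def anomalies(baseline, event):
    """Return the list of deviations from the user's baseline (empty if none)."""
    user, country, resource = event
    profile = baseline.get(user)
    if profile is None:
        # Unknown users are surfaced, not silently treated as normal.
        return ["no baseline for user"]
    found = []
    if country not in profile["countries"]:
        found.append("unusual location")
    if resource not in profile["resources"]:
        found.append("non-standard resource")
    return found


def triage(baseline, events):
    """Keep only the events that deviate, paired with the reasons."""
    flagged = []
    for event in events:
        reasons = anomalies(baseline, event)
        if reasons:
            flagged.append((event, reasons))
    return flagged


if __name__ == "__main__":
    for event, reasons in triage(build_baseline(HISTORY), NEW_EVENTS):
        print(event, "->", ", ".join(reasons))
```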

Legacy security models and security controls were ineffective in the past, and as corporate networks grow more complex, this problem only grows worse. The modern enterprise network spans multiple environments, including on-prem, cloud-based, and remote resources. Protecting these environments against cyberattacks requires the deep visibility and granular protection that zero trust provides.

Zero Trust Model Core Principles

Forrester coined the term “zero trust” to describe a new way of implementing a cybersecurity strategy. Some of the core functions of a zero trust architecture include:

  • Identify: An effective zero trust architecture requires in-depth knowledge of an enterprise’s environment and how it is used. This includes identifying devices within a company’s network and their interactions to build effective zero trust policies.
  • Protect: A zero trust strategy protects against cyber threats by managing access to corporate resources. By blocking illegitimate actions, it can help to block attempted intrusions or unauthorized access to sensitive resources.
  • Detect: Zero trust solutions have deep visibility into an organization’s environment and activities. This visibility can help an organization detect potential intrusions based upon blocked requests or other anomalous activities.
  • Respond: Once a threat has been detected within an organization’s environment, zero trust solutions can also help with incident response. For example, new access controls can be put into place to block malicious activities or potential abuse of privileges.

Forrester and Gartner have published various resources on zero trust, including advice on selecting solutions to implement a zero trust architecture. For example, Gartner’s ZTNA market guide provides guidance on selecting secure remote access solutions that implement zero trust principles.

How Organizations Can Achieve Zero Trust

#1. Know Your Organization’s Needs

The zero trust security model is designed to provide a balance between security and business productivity. On the one hand, zero trust is designed to allow employees to perform their duties without hindrance. On the other, any unauthorized access or use of corporate resources should be blocked by the organization’s zero trust security controls.

This means that an organization needs to understand its needs before it can effectively deploy zero trust. For example, an organization with a remote workforce should know how employees use corporate resources and how to configure ZTNA. From a security perspective, the organization should consider factors like regulatory compliance and how to ensure that a distributed workforce does not violate compliance requirements.

#2. Create a Directory of All Assets

A zero trust security strategy is designed to manage access to all of an organization’s assets based on the principle of least privilege. Therefore, before developing a zero trust strategy, it is essential to create a directory of all corporate assets. This enables an organization to effectively scope its zero trust deployment and to ensure that it has the proper security solutions to consistently and effectively enforce zero trust policies across its entire environment. This directory of assets will also be useful when defining RBACs for the zero trust system.

#3. Think Ahead: Be Preventive

Prevention is the best form of cybersecurity. Detection-based security controls only act once an attack is already in progress, while prevention can block the attack from ever entering the organization’s systems or causing any damage whatsoever.

The key to prevention is identifying potential attack scenarios and putting into place the appropriate security controls. For example, the shift to remote work in the wake of the COVID-19 pandemic has made workers a primary target of cyberattacks. Organizations that secure the remote workforce with zero trust access solutions are less vulnerable to attacks exploiting these remote workers’ computers.

#4. Continuously Monitor + Be Responsive

A zero trust security architecture provides an organization with deep visibility into how its IT resources are being used. Since every resource request is validated against RBACs, the organization can see what is going on within its environment.

This granular visibility can be invaluable for detecting potential intrusions or abuse of privileges; however, this is only useful if someone is watching for these events. As part of a zero trust strategy, enterprises should develop a plan to monitor zero trust solutions and remediate any potential intrusions before they cause significant damage to the organization.

#5. Align with the Broader Security Strategy

Implementing a zero trust security strategy can help dramatically improve an organization’s IT security. However, a zero trust program is only one component of a corporate security strategy or, more generally, an IT strategy.

When designing a zero trust security strategy, it is important to align it with the corporate security strategy and IT network strategy. By ensuring that goals are in alignment and identifying opportunities to use the same solutions to address multiple use cases, an organization makes its zero trust strategy easier to adopt and more sustainable.

Challenges of Zero Trust

Many organizations have acknowledged the value of a zero trust security strategy, but many have not yet made the move. The reason for this is that implementing a zero trust strategy can be difficult for a few different reasons, including:

  • Designing a Zero Trust Architecture: An effective zero trust architecture is one that enforces zero trust principles consistently across the entire IT environment. Without the right solutions, this can be difficult to achieve and results in a security architecture that is complex and challenging to manage.
  • Phasing Out Legacy Solutions: Many organizations have invested in an array of point security products designed to support perimeter-focused security strategies. Making the move to zero trust requires phasing out these legacy solutions, which can be difficult due to investment in the technology, contracts, etc.
  • Defining Access Controls: Zero trust security is all about access controls. When designing a zero trust architecture, organizations require solutions that give them the visibility needed to learn how their resources are being used and to define access controls accordingly.

All of these can be significant challenges for an organization looking to deploy zero trust security. However, with the right tools and strategy, these can all be overcome.

Deploying Zero Trust with SASE

Implementing a zero trust architecture provides an organization with several security benefits. However, effectively implementing and enforcing zero trust principles within an organization requires access to the right security tools.

In the modern world of remote work, secure remote access is a core security capability. Organizations looking to deploy zero trust for their remote workforce should look into the ZTNA capabilities of SASE.

FAQ

  • What is Zero Trust Network Access (ZTNA)?

    Zero Trust Network Access is a modern approach to securing access to applications and services. ZTNA denies everyone and everything access to a resource unless explicitly allowed. This approach enables tighter network security and micro-segmentation that can limit lateral movement if a breach occurs.

  • How is ZTNA different from software-defined perimeter (SDP)?

    SDP and ZTNA today are functionally the same. Both describe an architecture that denies everyone and everything access to a resource unless explicitly allowed.

  • Why is ZTNA important?

    ZTNA is not only more secure than legacy network solutions, but it’s designed for today’s business. Users work everywhere — not only in offices — and applications and data are increasingly moving to the cloud. Access solutions need to be able to reflect those changes. With ZTNA, application access can dynamically adjust based on user identity, location, device type, and more.

  • How does ZTNA work?

    ZTNA uses granular application-level access policies set to default-deny for all users and devices. A user connects to and authenticates against a Zero Trust controller, which implements the appropriate security policy and checks device attributes. Once the user and device meet the specified requirements, access is granted to specific applications and network resources based upon the user’s identity. The user’s and device’s status are continuously verified to maintain access.

  • How is ZTNA different from VPN?

    ZTNA uses an identity authentication approach whereby all users and devices are verified and authenticated before being granted access to any network-based asset. Users can only see and access the specific resources allowed to them by policy.

    A VPN is a private network connection based on a virtual secure tunnel between the user and a general terminus point in the network. Access is based on user credentials. Once users connect to the network, they can see all resources on the network with only passwords restricting access.

  • How can I implement ZTNA?

    In client-initiated ZTNA, an agent installed on an authorized device sends information about that device’s security context to a controller. The controller prompts the device’s user for authentication. After both the user and the device are authenticated, the controller provisions connectivity from the device through a gateway such as a next-generation firewall capable of enforcing multiple security policies. The user can only access applications that are explicitly allowed.

    In service-initiated ZTNA, a connector installed in the same network as the application establishes and maintains an outbound connection to the provider’s cloud. A user requesting access to the application is authenticated by a service in the cloud, followed by validation by an identity management product. Application traffic passes through the provider’s cloud, which provides isolation from direct access and attack via a proxy. No agent is needed on the user’s device.

  • Will ZTNA replace SASE?

    ZTNA is only a small part of SASE. Once users are authorized and connected to the network, there is still a need to protect against network-based threats. IT leaders still need the right infrastructure and optimization capabilities in place to protect the user experience. And they still need to manage their overall deployment.

    SASE addresses those challenges by bundling ZTNA with a complete suite of security services — NGFW, SWG, anti-malware, and MDR — and with network services such as SD-WAN, WAN optimization, and bandwidth aggregation.

  • What security capabilities does ZTNA lack?

    ZTNA addresses the need for secure network and application access but it doesn’t perform security functions such as checking for malware, detecting and remediating cyber threats, protecting web-surfing devices from infection, and enforcing company policies on all network traffic. That’s why the full suite of security services in SASE is a complement to ZTNA.

  • How do Zero Trust and SASE work together?

    With SASE, the ZT controller function becomes part of the SASE PoP and there’s no need for a separate connector. Devices connect to the SASE PoP, get validated and users are only given access to those applications (and sites) allowed by the security policy in the SASE Next-Generation Firewall (NGFW) and Secure Web Gateway (SWG).

    SASE addresses other security and networking needs by bundling ZTNA with a complete suite of security services — NGFW, SWG, anti-malware, and MDR — and with network services such as SD-WAN, WAN optimization, and bandwidth aggregation. Enterprises that leverage SASE receive the benefits of Zero Trust Network Access plus a full suite of network and security solutions, all converged together into a package that is simple to manage, optimized, and highly scalable.
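
The default-deny flow described in the FAQ answer "How does ZTNA work?" can be sketched as a controller decision function. This is an added example, not code from the original page or from any ZTNA product; the role names, application names, posture attributes and function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy: role -> applications explicitly allowed.
# Anything not listed here is denied.
ROLE_APPS = {
    "finance": {"erp", "payroll"},
    "engineer": {"git", "ci"},
}

# Constructed device attributes the controller requires.
REQUIRED_POSTURE = {"disk_encrypted": True, "os_patched": True}


@dataclass
class Session:
    user: str
    role: str
    mfa_passed: bool
    device: dict = field(default_factory=dict)


def posture_ok(device):
    """Every required attribute must be present and match; missing means fail."""
    return all(device.get(k) == v for k, v in REQUIRED_POSTURE.items())


def decide(session, app):
    """Return (allowed, reason). Only an explicit policy match allows access."""
    if not session.mfa_passed:
        return False, "user not authenticated"
    if not posture_ok(session.device):
        return False, "device posture failed"
    if app not in ROLE_APPS.get(session.role, set()):
        return False, "no policy allows this application"
    return True, "allowed by role policy"


def visible_apps(session):
    """Applications the user can see: none unless user and device both pass."""
    if not (session.mfa_passed and posture_ok(session.device)):
        return set()
    return set(ROLE_APPS.get(session.role, set()))


if __name__ == "__main__":
    s = Session("alice", "finance", True,
                {"disk_encrypted": True, "os_patched": True})
    print(decide(s, "erp"))          # inside the role's policy
    print(decide(s, "git"))          # outside the role's policy
    s.device["os_patched"] = False   # device status changes mid-session
    print(decide(s, "erp"))          # re-evaluated on the next request
```

Because decide() is called on every request rather than once at login, a change in device status revokes access without waiting for the session to end, which is the continuous verification the answer describes.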