Rooted in the principle of ‘never trust, always verify’, the Zero Trust model, developed by John Kindervag of Palo Alto Networks, is a strategic security initiative that prevents successful data breaches by eliminating the concept of ‘trust’ from an organisation’s network architecture. In other words, the architecture treats every user as a potential threat and designs its authentication and access-restriction mechanisms accordingly. Zero Trust Architecture addresses the flaw in traditional systems, which assume that data only needs to be protected from threats outside the organisation.
This architecture implements a network-centric data security approach that grants access only to specific participants, using parameters that dictate access. It employs a positive security enforcement model in which set conditions must be met before access to resources is granted.
Active Utilisation in WFH Scenarios
The COVID-19 pandemic and the resulting nationwide lockdowns in most parts of the world gave way to months-long work-from-home (WFH) arrangements. While some companies are going back to their brick-and-mortar offices in varying capacities, a large number of them still prefer to go the WFH way. In fact, prominent organisations such as Twitter and Square have approved a permanent WFH set-up for their employees.
Quite evidently, remote working has its own set of challenges, security being the primary concern. This is where Zero Trust enters the picture. Kindervag developed Zero Trust about a decade ago; however, the mainstream popularity it has gained in recent years is unprecedented. The migration to hybrid multi-cloud systems has been a major reason for this.
The perimeter-less approach of the Zero Trust model is what makes it a current favourite in security circles. It focuses on ensuring proper identification and access control, and it leverages analytics and response tools to give full visibility to the security operations centre (SOC).
Some of the tools of Zero Trust implementation are:
- Using multi-factor authentication and session risk detection for minimising the risk of potential identity compromise.
- Adopting distributed segmentation of networks with micro-perimeters instead of a single centralised perimeter.
- Defining and adopting access policies.
- Using cloud intelligence and other available resources, including AI, to detect access breaches in real time.
- Reducing the organisation’s mean time to respond to attacks.
- Classifying, protecting, and monitoring sensitive data to reduce exposure from intentional or accidental exfiltration.
The Zero Trust Architecture identifies a ‘protect surface’ made up of the network’s most critical data, assets, applications, and services (DAAS). DAAS, and consequently the protect surface, is unique to every organisation. Once the protect surface is identified, traffic movement can be monitored, which helps determine which users are using which applications and how. Once that is established, a ‘microperimeter’ around each protect surface is created using a segmentation gateway, also known as a next-generation firewall. This microperimeter moves with the protect surface.
The segmentation gateway provides additional layers of inspection and access control through a Kipling method-based Layer 7 policy. The Kipling method defines the Zero Trust policy in terms of user context, location, and device posture, among other parameters. This policy then decides who can traverse the microperimeter at any given time and prevents unauthorised users from accessing the protect surface.
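As an added example (not code from the article or from Palo Alto Networks), the following Python evaluator shows the positive enforcement model behind a Kipling-method policy: a request reaches the protect surface only if a rule matches on all six questions (who, what, when, where, why, how), and anything else is denied by default, with the failed questions reported for SOC visibility. The rule fields, the payroll protect surface, and the posture attribute names are constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical Kipling-method rule (constructed for this example): one field per question.
@dataclass(frozen=True)
class Rule:
    who: frozenset    # roles allowed to reach the protect surface
    what: str         # application or service inside the protect surface
    when: tuple       # allowed UTC hours: (start inclusive, end exclusive)
    where: frozenset  # allowed source locations or network segments
    why: frozenset    # business purposes that justify access
    how: frozenset    # device-posture and authentication attributes required

@dataclass(frozen=True)
class Request:
    role: str
    app: str
    hour: int
    location: str
    purpose: str
    posture: frozenset  # attributes asserted by the identity/device provider, e.g. "mfa"

def check(rule, req):
    """Return the Kipling questions the request fails against one rule (empty = full match)."""
    start, end = rule.when
    tests = {
        "who": req.role in rule.who,
        "what": req.app == rule.what,
        "when": start <= req.hour < end,
        "where": req.location in rule.where,
        "why": req.purpose in rule.why,
        "how": rule.how <= req.posture,  # every required posture attribute is present
    }
    return [q for q, passed in tests.items() if not passed]

def evaluate(rules, req):
    """Positive enforcement: allow only when some rule matches on all six questions.
    Anything else is denied, and the failed questions are reported for SOC visibility."""
    failures = {}
    for i, rule in enumerate(rules):
        failed = check(rule, req)
        if not failed:
            return {"decision": "allow", "rule": i}
        failures[i] = failed
    return {"decision": "deny", "failed": failures}  # default deny: no matching rule, no trust

# Constructed sample: the payroll service is the protect surface.
PAYROLL_RULES = [Rule(who=frozenset({"hr", "finance"}), what="payroll", when=(6, 20),
                      where=frozenset({"office", "corp-vpn"}), why=frozenset({"payroll-run"}),
                      how=frozenset({"mfa", "managed_device"}))]
```

A request from an HR user on a managed device with MFA over the corporate VPN during business hours is allowed; the same request without MFA, or made at night from an unknown location, is denied with the failed questions listed.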
In the post-COVID world, assuming that traditional security systems are enough for an organisation would be nothing short of wishful thinking. In such traditional systems, once an attacker gains access to the internals of a microservice architecture, the entire defence is rendered useless, and the attacker may then have complete access to all data handled by the system. This is where the Zero Trust model gains its advantage. In fact, a Deloitte study revealed that about 37.4 percent of security professionals say their organisations have adopted the Zero Trust model.
All said, there are a few challenges in adopting the Zero Trust model. The main challenge arises from the sheer variety of users (in-office and remote), devices (mobile, IoT, biotech), applications (intranet and design platforms), and ways to access and store data (drive, cloud, edge). Despite these challenges, recent changes in the threat landscape, including recently disclosed vulnerabilities in VPNs, may only encourage organisations to adopt it.
I am a journalist with a postgraduate degree in computer network engineering. When not reading or writing, one can find me doodling away to my heart’s content.