Zero Trust: sooner or later you have to trust something
strengths, weaknesses and notes regarding a modern IT infrastructure design
This week we’ll be publishing under a new format where we try to organize some notes about a specific Cybersecurity topic. See it as a pocket-sized Cybersecurity glossary with real examples and data.
The first issue under this format is about Zero Trust.
❔ What is Zero Trust and why it matters
The Zero Trust security model (also zero trust network architecture, zero trust network access, ZTA, ZTNA) describes an approach to the design of IT systems around the concept of "never trust, always verify".
This means that users and devices are not trusted by default, even when they sit on a network the organization considers internal, e.g. one reached over a VPN. Network location is not a trust signal; every request is checked on its own.
The reasoning for zero trust is that the traditional perimeter approach no longer fits a corporate environment where the set of users, devices and systems is constantly changing, so "inside the network" no longer means much.
Core concepts
Never trust, always verify
Least privilege - only grant users and apps the minimum access needed
Assume breach - plan for the worst case scenario.
Micro segmentation to contain incidents
🔍 Problem
Previous model: perimeter security is insufficient. You cannot stop every malicious actor at the gate (e.g. the VPN), and once one is through, the flat internal network lets them move freely.
Concept of castle vs airport
Castle: check everyone once at the entrance, then let them wander around freely
Airport: continuously check the traveller - at the entrance, at security, at the gate and again before boarding the plane
Remote working took more devices out of the office
Companies should not trust a device just because it is connected to the corporate network
Hybrid cloud deployments blur the definition of the perimeter, since workloads and data now live in several places
In a world where attackers increasingly try to disguise themselves as someone trustworthy (stolen credentials, compromised laptops), a security model built on the human notion of trust is flawed.
✨Solution
Authenticate
Authorize
Continuously validate
💪 Strengths
Effective access control. Zero trust architectures allow identity verification, least privilege controls, microsegmentation, and other preventative techniques.
Perimeterless strategy. As the number of endpoints in a network grows, establishing, monitoring, and maintaining secure perimeters becomes more difficult. Work from home and remote workforce are part of the problem.
Improve insight. Because every request is authenticated and authorized explicitly, an effective zero-trust model increases visibility into who is accessing what, from which device.
Minimize risk and damage. By restricting user access and segmenting the network to reduce the attack surface, a zero trust model shortens the time needed to detect a breach and limits how far an intruder can move.
Enhance user experience. Continuous validation relies on signals such as device posture and session risk rather than on repeated password prompts, so with single sign-on (SSO) and strong MFA users are re-challenged only when an access policy or risk assessment calls for it, and no longer have to remember a collection of complex passwords.
😡 Criticisms
Zero Trust has a negative connotation because it implies that everything happening on the network is suspect until proven otherwise
It frames an ongoing process as an end state. Expect the same disappointment people felt when they decided "we're going to do DevOps".
Because the network perimeter is harder and harder to define, a VPN is still at least one layer of defense and should not be discarded
Current IT networks are old and it is hard to move them to user- and device-based authentication. It will take years
You eventually have to trust something: the identity provider, the device agent, the policy engine itself. Perimeterless network security would be a better term
⛹️♀️Players
Zero trust architecture implies multiple vendors at different levels on the network. Here’s a few notable ones:
Crowdstrike
Microsoft
CyberArk (privileged access management)
ZScaler
Okta
🔮 Predictions
Gartner predicts that "60 percent of organizations will embrace Zero Trust as a starting point for security by 2025"
Two-thirds of surveyed cybersecurity professionals would like to continuously authenticate users and devices and force them to earn trust through verification - Dark Reading
How long would it take an org to go from normal to full zero trust?