2018 has been an exceptionally bad year for major data breaches and attacks, leaving tech behemoths like Facebook, Apple and others exposed to wide-reaching compromises made possible by gaining access through channels thought to be secure. Millions of accounts have been put at risk via existing channels inside networks where requests for access are trusted without any verification and, once granted, access extends across the entire network. This has made Zero Trust security architecture more important than ever, and more sought after by businesses and governments who want to keep their guard up against increasingly sophisticated attacks.
What is Zero Trust security?
At its core, zero trust security stipulates that networks should never automatically trust requests, whether external or internal. Instead, each and every request for access needs to be verified according to several parameters before granting access, which in turn is segmented and compartmentalized to avoid overreach from malicious requests that often target more vulnerable and easily accessible entry points to branch out and search for sensitive data to steal or corrupt.
The Zero Trust concept was developed in 2010 by John Kindervag from Forrester Research Inc. However, it’s only now, more than eight years later, that CIOs and CISOs are adopting Zero Trust policies and helping move them into the mainstream across different industries. This is mostly due to the need to protect enterprise systems as well as customer data which groups and individuals are targeting in ever more sophisticated and resourceful ways.
The Current Problem
Overall, organizations usually design and implement access control mechanisms and protocols at the perimeter of a network. These mechanisms act like a fence: hard for external players to get past, but once you are inside the perimeter it is incredibly easy to move around the entire network. Attackers or malicious software therefore target a weak link inside the perimeter, then snoop on or corrupt the other parts of the network that the breach point can reach.
This stems from the traditional school of thought that everything already inside the network should have access automatically, without verifying each request. That blind trust is a problem in itself, but given increasing attack sophistication and rising insider threats, new security measures are needed to stop intruders from spreading once they are already inside.
The Solutions Zero Trust Provides
Zero Trust means shifting access control mechanisms from the perimeter of a network to its users, devices and connected systems. A policy engine is centrally placed in the network and is tasked with verifying a user’s identity, validating their device and even determining their location before granting access to the network.
Verification and validation in Zero Trust do not automatically entitle a user to access the entire network; instead, lateral access and privileges are limited per user, which limits a compromised user's ability to siphon off data from across the network or to disrupt other sections of it that hold sensitive information or user data.
The ideal policy engine would include dynamic variables such as the user's behavioral history, current location, and the date and time. Based on all these variables, the engine would grade the level of trust for each and every access attempt and then decide whether or not to grant access.
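As an added illustration (not code from the article), the sketch below implements the policy engine just described: every request is graded from device compliance, location history and time of day, and network segmentation is enforced as a hard gate on top of the score. All users, devices, segments, weights and thresholds are constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class Request:
    """One access attempt as seen by the policy engine."""
    user: str
    device_id: str
    location: str
    resource: str
    when: datetime

# Constructed inventory (hypothetical users, devices and segments):
# managed devices and whether they currently pass compliance checks,
# each user's usual working locations (behavioral history), and the
# network segment each user is entitled to reach.
KNOWN_DEVICES = {"lap-001": True, "lap-002": False}
USUAL_LOCATIONS = {"alice": {"Berlin"}, "bob": {"Lisbon"}}
ENTITLEMENTS = {"alice": {"hr-payroll"}, "bob": {"build-servers"}}
BUSINESS_HOURS = range(7, 20)  # 07:00-19:59
SAMPLE_TIME = datetime(2018, 11, 5, 10, 0)  # constructed: inside business hours
OFF_HOURS = datetime(2018, 11, 5, 3, 0)     # constructed: outside business hours

def trust_score(req: Request) -> int:
    """Grade the attempt from device, location and time; range 0-85."""
    score = 0
    if KNOWN_DEVICES.get(req.device_id):
        score += 40  # managed device that passes compliance
    elif req.device_id in KNOWN_DEVICES:
        score += 15  # managed but currently non-compliant
    if req.location in USUAL_LOCATIONS.get(req.user, set()):
        score += 30  # matches the user's behavioral history
    if req.when.hour in BUSINESS_HOURS:
        score += 15
    return score

def decide(req: Request) -> tuple:
    """Return (decision, score); decision is allow, step-up or deny.
    Segmentation is a hard gate: a user is never granted a resource
    outside their entitlement, however trusted the session looks."""
    score = trust_score(req)
    if req.resource not in ENTITLEMENTS.get(req.user, set()):
        return "deny", score
    if score >= 70:
        return "allow", score
    if score >= 40:
        return "step-up", score  # re-verify (e.g. MFA) before granting
    return "deny", score
```

A real deployment would pull device posture, location and history from live signals rather than static tables, but the shape of the decision (per-request grading plus per-segment entitlement) is the same.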
“Never Trust, Always Verify”
The above approach is needed in today's increasingly attack-prone digital economy. Countless breaches in recent months have abused the traditional assumption that users and access points within a network are automatically trusted and receive wide-reaching access. These breaches could be easily prevented if Zero Trust architecture made a bigger impact on the networks of the major businesses and corporations that rely on them to provide their goods and services.