Understanding the Core Principles of Zero Trust Network Access
Zero Trust emerged as a response to a practical fact: an organization can no longer place every user, device, and application behind a single perimeter it controls. The model's answer is to treat every request as if it came from a hostile network and to grant access based on the identity and state of the user and device and on their observed behavior, rather than on where the request comes from.
Principle of Continuous Verification
Zero-trust network access starts from the assumption that every person, device, and service that tries to reach the organization's data is hostile until proven otherwise.
This means the enterprise verifies each connection rather than trusting it once, enforces strict policies on every request, and re-evaluates a user's trusted status whenever the device, the user, the application, or the observed behavior changes.
This continuous verification lets security decisions be based on application-level context, independent of network constructs such as IP addresses and port numbers that defined the traditional perimeter. In addition, the principle of least privilege requires that every account be limited to the minimum permissions needed to perform the task at hand.
This includes programmatic credentials such as service accounts, which are frequently over-permissioned and give attackers a path for lateral movement. As part of this principle, Zero Trust also re-authenticates users and devices, including multi-factor authentication (MFA), at intervals and whenever risk signals change, rather than only once at login, so that the device or user attempting to reach a resource is both authenticated and authorized at the time of the request.
This keeps unauthorized accounts away from resources and limits the damage a successful insider or external attack can do.
Zero Trust also depends on collecting as much telemetry as possible about the current network infrastructure, communications, end users, and devices, because every access decision is only as good as the signals that feed it; that visibility improves the organization's overall security posture against a wide range of threats.
Principle of Least Privilege
Embracing the Principle of Least Privilege balances usability and security: it safeguards critical systems and data by limiting what each user can access. This shrinks the attack surface, thwarts cyberattacks, and limits the harm from human error, such as malware propagating under an over-privileged account or an unintended change breaking an application. To implement the principle, organizations first need to discover every privileged account and bring it under policy management, then apply granular access controls to each one.
This includes user and local accounts, SSH keys, Windows and Linux groups, DevOps secrets, and default or hard-coded passwords belonging to both human and machine identities. Privileged access management (PAM) solutions are one way to enforce these granular controls.
When applying the principle of least privilege, users must be granted access to only what is needed for their job function. For example, an employee processing payroll checks does not need access to customer data or marketing analytical tools.
Similarly, a contractor tasked with maintaining computer hardware does not need access to application source code. Zero Trust imposes a strict rule: nothing is trusted by default, whether devices, end users, or processes. Instead, everything must be authenticated, authorized, verified, and monitored continuously.
This contrasts with the traditional approach, which assumed everything inside the network was secure until it was shown to be compromised. Zero Trust assumes the network is always hostile and that the threat is already present, even if it has not been detected yet.
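The service-account scoping described above, worked through as an added example (not code from the original page): it takes the grants a service account holds, compares them with the actions actually observed in an audit log, and reports wildcard grants, grants that were never used, and the minimal set of actions a replacement policy would need. The account names, the IAM-like "service:Action" naming, and the audit records are all constructed for this illustration.

```python
"""Least-privilege review of a service account (added illustration, not from the page)."""
import fnmatch
import json

# Assumed grants for one service account, in an IAM-like "service:Action" shape.
# "s3:*" is a wildcard grant; iam:PassRole is broader than a build job usually needs.
GRANTED = {
    "svc-build": [
        "s3:*",
        "ecr:GetAuthorizationToken",
        "ecr:BatchGetImage",
        "iam:PassRole",
        "ec2:DescribeInstances",
    ],
}

# Constructed audit events: (account, action). Real input would come from the cloud audit log.
AUDIT_LOG = [
    ("svc-build", "s3:GetObject"),
    ("svc-build", "s3:PutObject"),
    ("svc-build", "ecr:GetAuthorizationToken"),
    ("svc-build", "ecr:BatchGetImage"),
    ("svc-build", "s3:GetObject"),
    ("svc-deploy", "ecs:UpdateService"),   # a different account, ignored when reviewing svc-build
]


def used_actions(account: str, log=AUDIT_LOG) -> set:
    """Distinct actions the account has actually performed."""
    return {action for acct, action in log if acct == account}


def grant_matches(grant: str, action: str) -> bool:
    """Case-sensitive glob match so that 's3:*' covers 's3:GetObject'."""
    return fnmatch.fnmatchcase(action, grant)


def analyze(account: str, granted=GRANTED, log=AUDIT_LOG) -> dict:
    """Compare what the account holds with what it uses."""
    used = used_actions(account, log)
    grants = granted.get(account, [])
    wildcards = [g for g in grants if "*" in g]
    # A grant is unused if no observed action falls under it.
    unused = [g for g in grants if not any(grant_matches(g, a) for a in used)]
    # An observed action no grant covers means the policy or the log is incomplete.
    unmatched = sorted(a for a in used if not any(grant_matches(g, a) for g in grants))
    return {
        "used": sorted(used),
        "wildcards": wildcards,
        "unused": unused,
        "unmatched_usage": unmatched,
        "minimal": sorted(used),   # the action list a right-sized policy would carry
    }


def minimal_policy(account: str) -> str:
    """Emit a policy document granting exactly the observed actions.

    Resource scoping is the next step and needs data this log sample does not
    carry, so the placeholder below must be narrowed by hand.
    """
    report = analyze(account)
    doc = {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": report["minimal"],
            "Resource": "<narrow to the specific bucket and repository identifiers>",
        }],
    }
    return json.dumps(doc, indent=2)


if __name__ == "__main__":
    report = analyze("svc-build")
    print("wildcard grants:", report["wildcards"])
    print("unused grants:  ", report["unused"])
    print(minimal_policy("svc-build"))
```

The wildcard and unused lists are the two findings a practitioner acts on first: the wildcard is replaced by the enumerated actions, and the unused grants (here a PassRole and an EC2 describe that the build job never exercised) are removed before they become a lateral-movement path.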
Principle of Adaptive Segmentation
Zero Trust is a security architecture that assumes everything in your network is hostile until you prove otherwise. It lets organizations secure data, applications, and services regardless of location, whether on-premises or in hybrid cloud environments.
Zero Trust also accounts for the proliferation of remote workers, BYOD, and IoT devices that are not under your control. At its core is a continuous verification model that requires every user and device to authenticate and to keep proving its identity for as long as it accesses network resources. This is accomplished through device, user, and behavioral policies that enforce strong authentication, including multi-factor authentication (MFA).
In addition to confirming that users are who they claim to be, zero-trust solutions validate every device against minimum health criteria, so that a compromised or non-compliant device cannot be used to reach resources even if it holds valid credentials, and stolen credentials alone are not enough to get in.
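The per-request evaluation this section and the continuous-verification section describe, as an added example rather than code from the original page: a small policy decision function that checks role entitlement, action, device health, MFA freshness, and a behavioral signal (request origin) on every call, so re-running it after any attribute changes is the re-evaluation the model calls for. The resource names, roles, thresholds, and sample users and devices are assumptions made for the illustration.

```python
"""Per-request Zero Trust policy evaluation (added illustration, not from the page)."""
from dataclasses import dataclass, field

MFA_MAX_AGE_SECONDS = 8 * 3600            # assumed: a fresh MFA event is required every 8 hours
HIGH_RISK_MFA_AGE_SECONDS = 300           # assumed: high-risk actions need MFA within 5 minutes
HIGH_RISK_ACTIONS = {"export", "admin"}   # assumed: actions that always require recent MFA


@dataclass
class Device:
    device_id: str
    managed: bool          # enrolled in the organization's device management
    disk_encrypted: bool
    os_patched: bool       # supported OS build with current patches
    edr_healthy: bool      # endpoint agent running and reporting

    def posture_ok(self) -> bool:
        """Minimum health criteria a device must meet before any access is granted."""
        return self.managed and self.disk_encrypted and self.os_patched and self.edr_healthy


@dataclass
class User:
    user_id: str
    roles: set
    last_mfa_at: int                       # epoch seconds of the last successful MFA
    usual_countries: set = field(default_factory=set)


@dataclass
class AccessRequest:
    user: User
    device: Device
    resource: str
    action: str
    country: str        # where the request originates (behavioral signal)
    now: int            # epoch seconds at evaluation time


# Assumed application-level entitlements: keyed by resource and role, never by IP or port.
RESOURCE_POLICY = {
    "payroll-db":  {"roles": {"payroll"},  "actions": {"read", "write", "export"}},
    "source-repo": {"roles": {"engineer"}, "actions": {"read", "write"}},
}


def evaluate(req: AccessRequest) -> tuple:
    """Evaluate one request and return (decision, reason).

    decision is "allow", "deny" or "step-up" (re-prompt for MFA). Every check
    runs on every call; nothing is cached from an earlier decision.
    """
    policy = RESOURCE_POLICY.get(req.resource)
    if policy is None:
        return "deny", "unknown resource"
    if not (req.user.roles & policy["roles"]):
        return "deny", "role is not entitled to this resource"
    if req.action not in policy["actions"]:
        return "deny", "action is not permitted on this resource"
    if not req.device.posture_ok():
        return "deny", "device fails minimum health criteria"
    mfa_age = req.now - req.user.last_mfa_at
    if mfa_age > MFA_MAX_AGE_SECONDS:
        return "step-up", "MFA older than the session maximum"
    if req.action in HIGH_RISK_ACTIONS and mfa_age > HIGH_RISK_MFA_AGE_SECONDS:
        return "step-up", "high-risk action requires recent MFA"
    if req.user.usual_countries and req.country not in req.user.usual_countries:
        return "step-up", "request from an unusual location"
    return "allow", "all checks passed"


def sample_decisions() -> dict:
    """Run constructed scenarios and return {scenario: decision}."""
    now = 1_700_000_000
    alice = User("alice", {"payroll"}, last_mfa_at=now - 600, usual_countries={"DE"})
    laptop = Device("lt-001", managed=True, disk_encrypted=True, os_patched=True, edr_healthy=True)
    base = AccessRequest(alice, laptop, "payroll-db", "read", "DE", now)

    results = {"baseline": evaluate(base)[0]}
    # Payroll role asks for source code: no entitlement, so denied regardless of device or MFA.
    results["wrong_resource"] = evaluate(
        AccessRequest(alice, laptop, "source-repo", "read", "DE", now))[0]
    # Export is high-risk and the last MFA was 10 minutes ago: re-prompt rather than deny.
    results["export_stale_mfa"] = evaluate(
        AccessRequest(alice, laptop, "payroll-db", "export", "DE", now))[0]
    # Same user and device, but the request now originates from a country never seen before.
    results["unusual_location"] = evaluate(
        AccessRequest(alice, laptop, "payroll-db", "read", "BR", now))[0]
    # Mid-session the EDR agent stops reporting; re-evaluating the same request revokes access.
    laptop.edr_healthy = False
    results["after_edr_loss"] = evaluate(base)[0]
    return results


if __name__ == "__main__":
    for scenario, decision in sample_decisions().items():
        print(f"{scenario:18} -> {decision}")
```

The last scenario is the one that distinguishes continuous verification from a one-time login check: the user and credentials are unchanged, only the device state moved, and the next evaluation of the very same request flips from allow to deny.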
In addition, a zero-trust approach provides visibility into all access requests and allows administrators to enforce user, device, or application-specific policies. Zero Trust provides an alternative to traditional perimeter-based security that cannot protect data, applications, and infrastructure in today’s increasingly complex and distributed networks.
It is a powerful, forward-thinking solution that addresses modern enterprises’ challenges as they seek to enable the workforce to work from any location on any device and connect to critical information and services in both on-premises and hybrid cloud environments.
Principle of Authentication
Zero Trust requires robust and continuous authentication and authorization of users and devices. This limits the "blast radius" of an insider or malware incident, because each identity is granted access only to the resources its task requires.
The model also restricts lateral movement between applications, services, and systems, which mitigates the risk of attackers exploiting over-privileged service accounts. In addition, the security architecture must support adaptive segmentation so that data and workflows stay protected across distributed hybrid and multi-cloud environments.
Software-defined microsegmentation, in which policy follows the workload's identity rather than a network boundary, reduces the need for expensive and redundant firewalls, VPNs, and other hardware and software security stacks.
Finally, the security architecture must have visibility and control over all users, data, devices, and flows in the environment. This includes the ability to verify every communication, ensuring that all access is legitimate and not coming from an unknown or malicious source. It must also allow third parties and contractors to be onboarded quickly with restricted, least-privilege access that scales easily.
Zero Trust combines the core principles of least privilege, continuous verification, and adaptive segmentation to eliminate implicit trust in today's digital enterprise. In doing so, it provides a robust, scalable alternative to the traditional perimeter-based approaches that leave many organizations exposed. The approach is critical to a security operating model that enables the business and delivers the agility and speed it requires.
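The microsegmentation and flow-verification points above, as an added example (not code from the original page): allow rules are written on workload identity (tier and environment) rather than on addresses, every flow that no rule covers is denied, and the denied flows are the ones to alert on. The inventory, rules, and flow records are constructed for the illustration; in a real deployment the workload identity would come from an agent, certificate, or orchestrator label, and the IP address serves here only as the lookup key into that inventory.

```python
"""Identity-based microsegmentation applied to flow records (added illustration, not from the page)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Workload:
    name: str
    tier: str   # web, api, db
    env: str    # prod, staging


# Assumed inventory: the address is only how a flow record is resolved to an identity.
INVENTORY = {
    "10.0.1.10": Workload("web-1", "web", "prod"),
    "10.0.1.11": Workload("web-2", "web", "prod"),
    "10.0.1.20": Workload("api-1", "api", "prod"),
    "10.0.1.30": Workload("db-1", "db", "prod"),
    "10.0.2.30": Workload("db-stg", "db", "staging"),
}

# Allow rules on identity: (source tier, destination tier, destination port).
# Anything not listed is denied, including traffic between peers in the same subnet.
ALLOW_RULES = {
    ("web", "api", 8443),
    ("api", "db", 5432),
}


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    dst_port: int


def evaluate_flow(flow: Flow) -> tuple:
    """Return (decision, reason) for one flow; default is deny."""
    src = INVENTORY.get(flow.src_ip)
    dst = INVENTORY.get(flow.dst_ip)
    if src is None or dst is None:
        return "deny", "unknown workload"
    if src.env != dst.env:
        return "deny", "cross-environment traffic"
    if (src.tier, dst.tier, flow.dst_port) in ALLOW_RULES:
        return "allow", f"{src.tier}->{dst.tier}:{flow.dst_port} permitted"
    return "deny", f"no rule for {src.tier}->{dst.tier}:{flow.dst_port}"


# Constructed flow records, as a flow log or host firewall would report them.
SAMPLE_FLOWS = [
    Flow("10.0.1.10", "10.0.1.20", 8443),   # web-1 -> api-1: the intended path
    Flow("10.0.1.20", "10.0.1.30", 5432),   # api-1 -> db-1: the intended path
    Flow("10.0.1.10", "10.0.1.30", 5432),   # web-1 -> db-1: bypasses the API tier
    Flow("10.0.1.10", "10.0.1.11", 22),     # web-1 -> web-2 over SSH: peer-to-peer movement
    Flow("10.0.1.20", "10.0.2.30", 5432),   # api-1 (prod) -> db-stg (staging)
    Flow("10.0.9.9", "10.0.1.30", 5432),    # unknown source -> db-1
]


def evaluate_all(flows=SAMPLE_FLOWS) -> list:
    """Return [(flow, decision, reason)] for every flow."""
    return [(f, *evaluate_flow(f)) for f in flows]


def denied(flows=SAMPLE_FLOWS) -> list:
    """The denied flows with their reasons, which is what gets logged and alerted on."""
    return [(f"{f.src_ip}->{f.dst_ip}:{f.dst_port}", reason)
            for f, decision, reason in evaluate_all(flows) if decision == "deny"]


if __name__ == "__main__":
    for key, reason in denied():
        print(f"DENY {key}: {reason}")
```

Note that the third and fourth flows never leave the production subnet and would pass a perimeter firewall unchallenged; they are caught only because the rules are written per workload identity and the default is deny.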