enterprisesecuritymag

The Foundations of a Zero-Trust Network

Enterprise Security Magazine | Monday, July 19, 2021

The main advantage of taking a zero-trust approach is that it protects businesses from all sides, especially from within.

FREMONT, CA: Zero-trust is a security model that combines tight identity verification and explicit authorization for every person or thing attempting to access or utilize network resources, regardless of whether the person or entity is inside or outside an enterprise's network perimeter.

The Advantages of a Zero-Trust Model

The main advantage of taking a zero-trust approach is that it protects businesses from all sides, especially from within. Traditional security methods, such as defense-in-depth, have traditionally focused on network perimeter protection. Many of today's breaches originate from within, whether by workers or threats that have infiltrated the network via email, browsers, VPN connections, and other means. For someone who already has network access, data exfiltration can be simple. To address this, zero trust disables access to anybody and everything until the network can verify the identity. Then it keeps track of how one is utilizing data and, if necessary, revokes the authorization to transfer it elsewhere.

The Foundations of a Zero-Trust Network

As its name implies, zero trust is based on the idea that nothing should be taken at face value and that everything should be double-checked. A zero-trust approach is made up of numerous technologies and best practices that fall under this umbrella. Here are some of the most important principles:

  • Least-privilege access means that just the information that each individual requires is accessible. This decreases the likelihood of internal data exfiltration by limiting malware's capacity to jump from one machine to another.
  • Micro-segmentation separates a network into distinct segments, each with its own set of security credentials. Even if one segment is breached, this strengthens the means of protection and prevents bad actors from spreading throughout the network.
  • Once people have access to data, data usage constraints limit what they can do with it. This is increasingly done dynamically, like withdrawing authorization to copy data that has already been downloaded to a USB drive, email, or cloud apps.

Continuous monitoring looks at how people and things interact with data and other systems. This instance allows risk-adaptive security controls to automatically customize enforcement based on people's actions, ensuring that people are who they say they are.

Weekly Brief