Five worthy reads is a regular column on five noteworthy items we've discovered while researching trending and timeless topics. With the rising concern over cybersecurity in remote work, this week we explore the concept of the Zero Trust model in cybersecurity.
The traditional concept of network security involved classifying networks into internal and external networks separated by a firewall, an approach defined by the perimeter of the workplace and its IT infrastructure. The primary focus was to strengthen the firewall and prevent any malicious elements from entering the internal network. However, if hackers succeeded in penetrating the internal network, they could move laterally throughout the network using the privileged access of the compromised account to attack critical resources, thus exploiting the implicit trust granted to the user account.
The concept of physical perimeters is becoming irrelevant, and organizations now function in a complex IT architecture with geographically distributed endpoints that harbor multiple nodes susceptible to a malicious attack if left unsecured. Attacks such as ransomware, target weaker user accounts in a network. In addition, we have seen a 667 percent increase in spear-phishing email attacks related to COVID-19 in March, according to the industry publication Security.
With most individuals now working remotely, and industries witnessing an explosive increase in cyberattacks, the stakes are higher than ever. It is important for organizations to review their security practices, and adopt the philosophy of least privileged access for users.
The Zero Trust architecture, a term coined by an analyst at Forrester Research, embraces the approach that no user should be trusted implicitly. In simple terms, every time a user tries to access IT resources, a unique verification process exists, irrespective of the user being in an internal or external network. Never trust, always verify!
This improves the security posture for the organization and brings additional layers of access control.
The complexity in implementing a Zero Trust Architecture increases with the complexity of the IT infrastructure. In a hybrid cloud infrastructure, the data can be collected in multiple data stores, which increases the number of access points for attackers. Many organizations use network segmentation to build smaller units of the network, thereby reducing impact in case of a breach. With the help of privileged access management, organizations can administer policies such as least privilege access and just-in-time access.
COVID-19 has also seen a huge impact on changing consumer demands in technology. To provide enhanced customer experience, organizations shift their focus from on-premises to cloud and hybrid infrastructure, thereby promoting Software as a Service (SaaS) solutions. Since these applications are accessed via the internet, the need to strengthen access control to ensure data loss prevention from critical blackened servers exists.
Here are five interesting articles about Zero Trust Architecture and how an organization can strengthen its security posture during the pandemic and beyond.
1. A Practical Guide to Zero-Trust Security
Organizations are exploring different IT infrastructure models in order to ensure high availability and the security of applications for users and employees. The Zero Trust approach strengthens the security posture of sophisticated IT architecture by focusing on five pillars: devices, user, transport/session, application, and data.
2. COVID-19 offers a unique opportunity to pilot zero trust, rapidly and at scale
The sudden increase in individuals working from home has drawn the attention of cyber attackers to the vulnerabilities in the remote access tools these workers use. The Zero Trust security model offers better visibility and scalability than virtual private networks, and can be easily integrated to existing single sign-on platforms without an additional cost of infrastructure.
3. Security Think Tank: Facing the challenge of zero trust
A strict verification of users and devices in the architecture, along with adopting a least privilege access philosophy, facilitates the Zero Trust model. This process comes with much technical debt as most organizations struggle vulnerabilities in using legacy systems, absence of a privileged access management solution and many other challenges.
4. Preventing insider threats, data loss and damage through zero trust
There is no solution that will absolutely prevent every insider threat. However, the right mix of tools, such as unified endpoint management software, security information and event management, along with the integration of artificial intelligence and machine learning technologies can help organizations minimize the chance of one occurring.
5. Rethinking Enterprise Access, Post-COVID-19
The speed and agility of organizations have resulted in the creation of new applications and pivoting of existing applications to support customers and employees during the pandemic, as it was the need of the hour. But it has also exposed the weakness in the way organizations deal with application access for users, employees, and partners.
COVID-19 provides opportunities for CISOs to have a reality check on their security posture, and plan ahead to avoid security debt, a scenario that can result when organizations do not invest enough money or resources into security efforts upfront. Zero Trust Architecture will serve its ultimate purpose of providing heightened security and low risk of breach only when organizations have established visibility into the users, endpoints and applications, and understand the interactions between them. By isolating and compartmentalizing the critical resources and controlling access to them, organizations reduce the scale of a cyberattack and reduce the risk of a huge data breach.