Organisations are increasingly turning to Zero Trust as a security framework, amid pressure to protect systems and data from sophisticated attacks.
The 2019 Zero Trust Adoption report, by Cybersecurity Insiders, found that 78 per cent of IT security teams are looking to embrace Zero Trust.
The trend towards Zero Trust has been accelerated by increased adoption of cloud services, IoT and a mobile workforce, where corporate assets and users are beyond traditional security perimeters.
This article explores the principles of a Zero Trust model and how this model can help organisations overcome many security challenges. It also covers steps organisations can take to get started with a Zero Trust model.
Zero Trust: The new frontier
The idea of Zero Trust is simple: Trust no one.
While traditional security models apply a ‘Trust but verify’ approach, Zero Trust follows the principle of ‘Never trust, always verify’. It does this by continuously authenticating and monitoring, using AI and machine learning.
Zero Trust is an end-to-end approach to cybersecurity, encompassing identity, network and endpoint protections. The following diagram by the US National Institute of Standards and Technology shows an example of the core logical components in a Zero Trust architecture that may operate on-premises or in the cloud.
This conceptual framework shows the basic relationship between Zero Trust components and their interaction.
While there is no one-size-fits-all approach to Zero Trust, the idea behind every implementation is the same:
- To understand who the user is, and to confirm their identity
- To understand the user’s endpoint, and its security status
- To have a conditional policy that specifies whether the user can have access to something.
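The three checks above can be sketched as a single access decision. This is an added example, not code from the article or from NIST; the `Request` fields, the `POLICY` table and the resource names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    user: str
    roles: frozenset
    mfa_verified: bool     # who the user is: identity confirmed with a second factor
    device_managed: bool   # the endpoint: enrolled in device management
    device_patched: bool   # the endpoint: current security status
    resource: str
    # Deliberately no "inside the network" field: location grants no trust.

# Constructed sample policy: conditions under which each resource may be accessed.
POLICY = {
    "payroll-db": {"roles": {"finance"}, "require_managed": True},
    "wiki": {"roles": {"finance", "engineering"}, "require_managed": False},
}

def decide(req, policy=POLICY):
    """Return (allowed, reason). Anything not explicitly permitted is denied."""
    rule = policy.get(req.resource)
    if rule is None:
        return False, "no policy for resource (default deny)"
    if not req.mfa_verified:
        return False, "identity not confirmed"
    if not req.device_patched:
        return False, "endpoint fails security check"
    if rule["require_managed"] and not req.device_managed:
        return False, "unmanaged device"
    if not (req.roles & rule["roles"]):
        return False, "role not permitted (least privilege)"
    return True, "all conditions met"

def make(user, role, resource, mfa=True, managed=True, patched=True):
    """Build a constructed sample request."""
    return Request(user, frozenset({role}), mfa, managed, patched, resource)

if __name__ == "__main__":
    samples = [
        make("alice", "finance", "payroll-db"),
        make("alice", "finance", "payroll-db", managed=False),
        make("alice", "finance", "wiki", managed=False),
        make("bob", "engineering", "payroll-db"),
        make("carol", "finance", "payroll-db", mfa=False),
        make("dave", "finance", "hr-share"),
    ]
    for r in samples:
        allowed, reason = decide(r)
        print(f"{r.user:6} -> {r.resource:10} {'ALLOW' if allowed else 'DENY':5} {reason}")
```

The same user on the same day gets different answers for different resources and devices, because the decision is made per request rather than once at login.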
In achieving this, Zero Trust architectures typically draw on a range of practices and technologies, including:
- Microsegmentation, to limit the attack surface and give security teams more control over lateral movement
- Multifactor Authentication (MFA), to authenticate users before granting access
- Identity Access Management (IAM), which combines MFA with other identity solutions, including single sign-on
- Privileged Access Management (PAM), to secure, manage and monitor privileged access to critical assets
- Monitoring and analytics, to identify anomalies in user behaviour and traffic, and provide data to trigger alerts for suspicious activity
- Orchestration, to automate processes and shrink the security perimeter around a single application
- Encryption, to protect sensitive data
- Network access control (NAC), to strengthen security by enforcing policies across all users and devices
- Mobile device management (MDM), to monitor, manage and secure employees’ mobile devices
- File system permissions, to control the user’s ability to view, navigate, change or execute on the contents of a protected file system.
Many organisations consider Zero Trust the holy grail of cybersecurity, for good reason.
A Zero Trust framework enables organisations to significantly reduce the attack surface, and the effectiveness of stolen credentials. Zero Trust can also reduce or eliminate the need for VPNs, while enabling a better user experience and longer-term cost savings.
Zero Trust: A rising need
The need for a Zero Trust approach to cybersecurity is clear.
Consider these statistics: global spending on cybersecurity is $173 billion and is forecast to reach $270 billion by 2026, according to the Australian Cyber Security Growth Network. Organisations are throwing their money behind security in an effort to outpace cybercriminals.
According to Australia’s Cybersecurity Strategy, cyber incidents targeting small, medium and large Australian businesses can cost the economy up to $29 billion per year, or 1.9 per cent of Australia’s GDP.
The types of attacks taking place demonstrate why Zero Trust is so important.
According to the 2019 Verizon Data Breach Investigations Report, 81 per cent of data breaches are caused by compromised, weak and reused passwords.
The same report shows that 34 per cent of data breaches involve internal actors.
The shift to a remote workforce combined with digitisation and the exponential growth of data has also led to a rapidly expanding and complex attack surface that has effectively made the traditional security perimeter redundant.
Zero Trust overcomes modern security challenges by extending security beyond the perimeter and abiding by the principle of least privilege.
It assumes everyone and everything is a potential threat both inside and outside the network, and applies strict and continuous authentication and controls to govern access.
It also uses automation to help security teams focus on their most important tasks – a huge advantage in an industry short of skills.
Zero Trust is not a ‘set and forget’ strategy, but rather a multi-phase journey that starts with improving visibility and a clear, strategic plan incorporating the right technologies.
Arrow can help channel partners establish an end-to-end security framework to deploy a full Zero Trust architecture.
With one of the strongest global security propositions in the market, Arrow provides partners with leading technology solutions from the world’s most innovative security vendors. It also provides specialist expertise across the whole security space.
Channel partners can also leverage Arrow’s vast network of suppliers to deliver an end-to-end security offering that protects their customers’ critical infrastructure from edge to core to cloud.
Get in touch to learn more about Arrow’s security and Zero Trust capabilities.