LINEARSTACK
March 23, 2023

The Zero Trust Security Model

How zero trust security protects businesses from advanced threats and how to implement it in your organisation

What is zero trust?

The Zero Trust security model assumes that individuals and devices both within and outside the network perimeter can be security threats, and requires explicit identity verification before any internal or external entity is granted access to protected assets. The paradigm – also known as perimeter-less security – treats both internal and external threats as equally important, and removes organisations' implicit trust in internal entities.  

Current discussions around the zero trust model and its increased relevance today are part of a bigger shift in cyber security. Security professionals recognise that traditional perimeter-focused cyber defence strategies simply aren't enough to deal with today's computing and data storage models. Attacker tactics have evolved as business and IT operations have moved beyond the perimeter to the cloud.  

Threat actors now have a much larger and inadequately protected attack surface to target than they did before, and for a cyber security strategy to be truly effective, it needs to be built on the assumption that threats are already present within the network boundaries. The only way to stop these threats from spreading and causing serious damage is to limit users' interaction with parts of the network that they don't need to do their jobs and to build granular access controls at different points within the network. This can be accomplished with network segmentation, setting up micro perimeters around smaller segments, and ensuring least-privilege access.

We briefly touch upon the main principles and features of zero trust security in the section below, followed by a high-level explanation of the steps involved in implementing the model.  

The principles and features of zero trust security  

The principle of least privilege

Users and devices should have access only to those assets and data that they need to perform their functions. Access permissions must not exceed what is necessary and must expire once that need is met.  

Assume breach

The network security infrastructure must be designed based on the assumption that the network is already compromised and threats are always present within the boundaries of the internal network.

Never trust, always verify

The identities of (both internal and external) users and devices must always  be verified before they are granted access to a protected resource.  

  • Multi-factor authentication - Multiple methods of identity verification should be used.
  • Reverification – Logins must be timed out after a certain amount of time has elapsed since access was first granted, requiring reverification for continued access.
Protect surface

This includes an organisation's most sensitive data, assets, applications and servers that need the greatest degree of protection from threats. Different assets may be assigned different levels of protection based on varying degrees of sensitivity.  

Network segmentation

The enterprise network should be divided into smaller segments based on logical attributes, and inter-segment traffic flow should be limited. This helps prevent lateral movement of threat actors and limits damage to an individual segment in the event of a data breach.

Segmentation Gateway

A segmentation gateway helps enforce network segment boundaries within an enterprise network by implementing granular, rule-based access control. It limits traffic flow between different segments and is included as a feature in most next-generation firewalls.  

Steps to implement the zero trust model

Identify and demarcate the protect surface

In order to effectively implement the zero trust model, an organisation's security team begins by identifying its "protect surface", or its most critical and sensitive data and assets. The protect surface of a company is always considerably smaller than its attack surface, and includes data, assets, applications and services that, if compromised, can lead to serious legal, financial, operational and reputational damage.  

Map the flow of traffic to and from the assets and data included in the protect surface

After clearly defining and inventorying the hardware and software assets that make up the protect surface, the security team maps the enterprise traffic flow in relation to the protect surface. This requires a clear understanding of how IT systems within the network are designed, and how the assets within the protect surface interact with other entities in the organisation.  

Build a zero trust network based on steps 1 and 2

A zero trust network is not a one-size-fits-all solution. It looks different for each organisation implementing it, based on its IT infrastructure, protect surface and the various different entities interacting with the protect surface. It usually involves deploying a next-gen firewall to create microperimeters around different elements of the protect surface (segmenting sensitive data), and setting up some form of granular access control (based on user, device and application).

Create a policy to support the model

A policy to support the zero trust network architecture set up in step 4 completes the implementation of the model. The zero trust policy covers all the rules governing who or what can request access to the protect surface, why, how and when access should be granted and for how long.  Identity verification is one of the core components of a zero trust policy, and access to protected resources is granted to known entities only.

Monitor and maintain the zero trust network

Once implemented, the zero trust network has to be maintained and constantly monitored to function effectively. Traffic monitoring, log collection and inspection, and data analytics help security teams catch threats early and identify gaps in the zero trust architecture.

Many of the concepts associated with the zero-trust model have been among cyber security best practices for a long time, but a formalised  zero trust architecture with all its foundational components and related practices is being seen as a critical need only now. Recent ransomware attacks, the scale of the damage they caused, and policy changes directing organisations to move closer to zero trust cyber security have accelerated its adoption among both public and private entities and added vigor to discussions about it.  

Security-focused organisations the world over are adopting the model, and as the switch to cloud computing and hybrid work becomes more widespread, more and more businesses will see value in it.

Blogs

Start Reading

Our latest blogs and news are here for you

What is Attack Surface Management?

Attack surface management (ASM) is the continuous process of identifying and addressing cybersecurity vulnerabilities.
Read More

Zero Trust Architecture Strategy - Memorandum

US Government memorandum on moving Federal agencies and departments towards zero trust cyber security principles
Read More

When to Leverage the Negative vs Positive Security Model

Ransomware is a threat all organisations face however, it is preventable. Read what you can do to prevent
Read More
Are you experiencing a security issue? Call us now.