Zero-Trust Architecture: What is it and why should you care?


If you’re like most people, the thought of your sensitive business data being stolen by some creep (that probably spends their entire day in pajama pants covered in Cheeto crumbs) is both infuriating and panic-inducing. You’ve got two choices:

1. You can either go to your doctor and have them increase the dosage on your anti-anxiety medication and write a note that lets you take a support animal on planes while you travel, ultimately ignoring the problem altogether.*

– or –

2. Do something about it. Shake off your own Cheeto crumbs and develop a healthy, robust cybersecurity posture.

One of the things you might want to consider as you develop that healthy, robust cybersecurity posture is a Zero-Trust Architecture.


What is Zero-Trust Architecture?

Traditional information security models still operate under the belief that everything that’s inside an organization’s network is a-ok, should be there, and can absolutely be trusted.

We know that’s not the case. In the IoT era and with all the unapproved devices that might be operating inside the confines of your network, you need a better solution. The idea that only the perimeter needs to be protected is outdated and, more importantly, unsafe.

Zero-Trust rectifies that. Zero-Trust is based on the principle that you should “never trust, always verify.” By using micro-segmentation and granular perimeter enforcement, Zero-Trust Architecture is designed to stop threats that may move laterally within a network.


Why does that matter?

When an attacker moves laterally through a network, they’re typically searching for valuables. Assets, data, and stuff they can sell. Traditionally, businesses would define sub-perimeters within their organization’s network that are designed to help identify the way an attack might spread and stop unrestricted lateral movement throughout the network.

This is important for a few reasons, but one in particular: the attacker’s point of ingress is not where they find what they’re looking for. They’ll typically need to move around inside the perimeter to find the goods, so to speak.

With a properly implemented Zero-Trust Architecture, you’re limiting an attacker’s ability to move laterally across your network. Simply put, you trust no one without verification.


So why Zero-Trust?

With Zero-Trust, you’re treating all hosts as if they’re internet-facing and as if each one could potentially compromise the entire network. It’s crucial to distinguish who your users are, which applications they are trying to reach, and whether the action is considered an appropriate session.



Things to Consider Regarding Implementing a Zero-Trust Architecture

I can’t stress the importance of visibility enough…

Having visibility into the applications, users, and data flow is integral. You need to understand who your users are, what applications they are using or trying to access, and what means of connection they are using to do so. Without that, you’ll never be able to develop or enforce a successful security policy that ensures secure data access.

Make sure that data and resources are accessed securely. Base that access on user and location. One of the keys to successfully using a Zero-Trust architecture is knowing what your traffic looks like and how your data moves throughout your business’s systems.

Leverage your company’s policies to identify and allow or deny traffic that moves through specific junction points. This will enable the segmentation of your sensitive resources and help you establish boundaries that can be used to prevent those resources from being stolen.

Using third-party access management tools like Idaptive and Fortinet’s FortiNAC offering can help you do both. Idaptive lets you implement an identity and access management solution that makes applying the principle of least privilege easier.
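The default-deny decision at a junction point between segments, based on verified user, application and source location as described above, can be sketched as follows. This is an added example, not code from the original article or from any product it mentions; the segment names, addresses, groups and the single allow rule are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed segments, groups and rules; every name and address is hypothetical.
SEGMENTS = {
    "workstations": ip_network("10.10.0.0/24"),
    "iot": ip_network("10.30.0.0/24"),
    "finance-db": ip_network("10.20.0.0/28"),
}

# Allow-list of (verified group, source segment, destination segment, application).
ALLOW = {("finance", "workstations", "finance-db", "postgres")}

@dataclass(frozen=True)
class Flow:
    user_group: Optional[str]  # None means the identity was never verified
    src_ip: str
    dst_ip: str
    app: str

def segment_of(ip: str) -> Optional[str]:
    """Map an address to its segment, or None if it belongs to no known segment."""
    addr = ip_address(ip)
    return next((name for name, net in SEGMENTS.items() if addr in net), None)

def decide(flow: Flow) -> str:
    """Default deny: being inside the network earns nothing without a rule match."""
    if flow.user_group is None:
        return "deny: unverified identity"
    src, dst = segment_of(flow.src_ip), segment_of(flow.dst_ip)
    if src is None or dst is None:
        return "deny: unknown segment"
    if (flow.user_group, src, dst, flow.app) in ALLOW:
        return "allow"
    return "deny: no matching rule"

# Constructed sample sessions arriving at the junction in front of finance-db.
SAMPLE_FLOWS = [
    Flow("finance", "10.10.0.15", "10.20.0.5", "postgres"),      # expected use
    Flow(None, "10.10.0.15", "10.20.0.5", "postgres"),           # internal, unverified
    Flow("finance", "10.30.0.7", "10.20.0.5", "postgres"),       # lateral move from IoT
    Flow("engineering", "10.10.0.22", "10.20.0.5", "postgres"),  # wrong group
    Flow("finance", "10.10.0.15", "10.20.0.5", "ssh"),           # wrong application
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(flow, "->", decide(flow))
```

Only the first sample session is allowed; the other four originate inside the network and are still denied, which is the difference from a perimeter-only model.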

* Seriously, nobody wants to see a drugged-up, over-anxious adult who’s cradling their emotional support hamster, rocking back and forth as the airplane wheels lift off the ground.

Carl Keyser is the Content Manager at Integris.
