Companies love to throw around the term “Zero Trust” when advertising their security products. With all this marketing hype, it is easy to discount Zero Trust as just another marketing gimmick like “synergy.” However, the Zero Trust model can be an effective method to secure a network. Understanding exactly what Zero Trust is helps to see through the marketing BS so you can make informed decisions as you design and refine your environment.
Zero Trust does not protect against the initial breach and is not a substitute for perimeter security.
Walled Garden- An Outdated Approach
Before Zero Trust, many security models were based around a “walled garden” approach. A Walled Garden approach treats everything outside its “Walls”, or network perimeter, as dangerous and hostile. Anything inside the wall or network perimeter, however, was assumed safe and inherently trusted. This perimeter security approach is easy and cheap to implement due to its simplicity. The issue with the Walled Garden approach is that if a malicious actor can breach your network perimeter, they will have little trouble traversing and spreading inside the network. What enables this rapid spread is that the Walled Garden assumes everything inside the perimeter is trustworthy. So, when an attacker compromises a machine on the internal network, nothing is protecting the rest of the network from the bad actor.
Zero Trust- A Modern Solution
Zero Trust starts with the assumption that the attacker is present on the network. An internal network should not be inherently trusted any more than an external one. It is designed to prevent data breaches and limit lateral movement by locking down the internal network. Zero Trust does not protect against the initial breach and is not a substitute for perimeter security. Three main ideas that enable a Zero Trust approach to be effective: The Principle of Least Privilege, enhanced access control and IAM, and micro-segmentation.
Enforcing the Principle of Least Privilege
The Principle of Least Privilege is the practice of giving a user or service the minimum required privileges to accomplish the needed task. Network exposure is decreased along with the potential for privilege escalation if a machine or service gets compromised. This rule especially applies on high privilege accounts such as developers and administrators. These accounts should only have access to the resources that are directly used or managed by them. If an administrator account is granted full permissions across the entire environment and the account is compromised, an attacker has full reign across the entire organization. High privilege accounts are goldmines to attackers, and care should be taken to restrict these accounts as much as possible according to the Principle of Least Privilege. Additionally, utilize enhanced authentication controls such as multi-factor authentication for such accounts- a passphrase can be relatively easily compromised and should not be solely relied on to authenticate accounts.
Enhanced Access Control and IAM
A large part of Zero Trust is not trusting user accounts. Making users prove that they are who they claim to be is critical to enforcing a Zero Trust Architecture. Employ enhanced access controls such as multi-factor authentication to continually verify a user’s identity and credentials. This adds complexity and more elements that need to be compromised to gain full control of an account. For example, employing an employee passphrase, pin, and phone authenticator app requires an attacker to gain control of all three elements to fully control the account. Passwords are relatively easy to obtain via password dumps, other services, and social engineering. You should not solely rely on passwords to secure accounts.
Additionally, make sure to employ robust Identity and Access Management (IAM) to ensure that users have access to only the resources they need when they need them. IAM technologies allow administrators to easily track what resources users are accessing as well as allowing for granular account permissions. You can control exactly what and when a user can access a resource. IAM is a valuable tool for enforcing the Principle of Least Privilege for user accounts.
The best way to isolate and control network traffic is to employ micro-segmentation. This involved segmenting your network into small zones, which allows for enhanced access control tailored to different parts of the network. You can control who has access to different security zones and make it harder for an attacker to traverse the network if compromised. Additionally, this allows for layer 7 packet inspection, often branded as “deep packet inspection” or “next-generation firewalls.” Layer 7 packet inspection allows you to further control what gets in and out of each security zone based on the data being sent. This makes it more likely to detect a breach early, as well as limit the scope of a breach.
What Zero Trust is Not
Zero Trust has changed the security industry but recently has become a marketing buzz word that gets attached to products. It is important to understand that Zero Trust is not something you can buy, but a strategy that must be implemented across your environment to be effective. Buying a firewall advertised as “Zero Trust” does not make your environment a Zero Trust environment, but when used correctly in a larger Zero Trust strategy, it can be an invaluable tool. NuHarbor recommends services like CyberArk and Okta to help create and enforce Zero Trust access control, and these services can be worked into your organization to effectively implement Zero Trust. Understanding how these products and services can fit into your overall Zero Trust strategy is essential.
by: Hayley Froio
Information Assurance Team Member at NuHarbor Security
Follow us on Social Media for more information: