Why today's IT security architectures should be designed according to the ZERO TRUST model
We live and work in the digital world. We are connected, using a variety of devices, and have access to applications and IT systems anywhere and anytime when connected to the Internet.
We can often do our work from home, as corporate IT systems are accessible even from remote locations. Corporate data does not exist on its own server any more, but also in the cloud. In a nutshell:
IT structures today have become more versatile, more complex and thus more vulnerable.
Security used to be, and in places still is, treated as relatively simple: the threat is assumed to come from outside, so internal data is shielded from it by perimeter security systems. Traditional security concepts assume that all services, devices, and users inside the corporate network can be trusted. Their disadvantage is that once someone has entered the company network, hardly any security measures remain.
They do not take into account that employees' negligence also poses a potentially significant security risk, since humans are often the weakest link in cybersecurity.
For too long, companies have relied only on the idea of outwardly sealed castles whose walls need to be reinforced to fend off attacks. Once attackers have broken through the outer walls, they can move freely within the company and have almost unlimited access to assets such as personal data, corporate secrets, developments and ideas.
"Trust but verify is no longer a valid approach. Trust is a vulnerability. Moat-and-castle strategies have failed." (Source: Forrester Research)
Traditional security approaches focus on protecting the network or the devices that access it. In today's digital enterprise environment, people in charge have far less control over networks, devices, applications, and people than they did before.
What used to work does not work anymore: The Broken Trust model.
The approach of a delimited network, which has to be protected so that the company can feel secure, was based on the axiom "Trust, but verify".
This model divides the network into two sides, external and internal:
- The external side is not "trusted" because it connects the company to the public Internet.
- On the internal, "trusted" side, all internal users have access to sensitive resources without having to explicitly identify themselves.
The internal side is the weak flank of this model: once attackers have successfully "authenticated" themselves at the external border, they gain unrestricted access inside the company's borders.
Digitalisation has made these borders more penetrable, if not eliminated them. There is no more separation of what is on the outside and inside. Digital companies have no boundaries: they exist wherever customers connect and where employees and partners interact with data and services.
Digital companies have no internal and external borders.
The contemporary approach of caution - the ZERO TRUST model
The zero-trust model is based on the principle "never trust, always verify". There is no distinction between the outside and the inside.
Compared to traditional concepts, the zero-trust model represents a paradigm shift: it treats all devices, services, and users alike, and trusts none of them by default.
This paradigm shift has significant implications for the IT security architecture, as security systems are no longer deployed only at the network perimeter but throughout the network.
The network-perimeter-based information security models (e.g. firewalls) are no longer beneficial in today's digital enterprise because business is no longer limited by its four walls. Although we do not disregard a firewall’s function, it is merely part of the solution.
IT security teams must move toward a multi-tier zero-trust approach to data- and identity-centric security. The IT analyst Forrester Research believes that this is the only working security approach. The Zero Trust framework is the pragmatic model for today's hostile reality: a mindset, an operating model, and an architecture tuned to the threat. A zero-trust approach never grants trust up front, but continually evaluates "trust" through a risk-based analysis of all available information.
Watch the recording of our webinar "Never trust, always verify! - the DriveLock Zero Trust platform"
The concepts of Zero Trust are simply described:
- Access to all resources and assets is secured independently of location. This includes applications, network drives and USB devices, and it requires that all users and applications authenticate and that data traffic is encrypted.
- Access control follows the principle of least privilege: does a user need this application for their daily work, and which rights (e.g. read, write, full access) do they need? This principle is strictly enforced.
- All traffic must be checked.
- The infrastructure is designed to check all activity and trust nothing and no one.
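The following is an added illustration of these four points as a per-request policy decision, not code from DriveLock or from the original post. It assumes a constructed HMAC token as a stand-in for a signed identity-provider token, constructed users, grants and addresses, and shows that the source network address plays no role in the decision:

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed demo key; a real policy engine verifies tokens issued by the identity provider.
SECRET = b"constructed-demo-key"
# Least-privilege grants per (user, resource); "full" implies write, which implies read.
GRANTS = {("alice", "hr-share"): "read", ("bob", "hr-share"): "write"}
RANK = {"read": 1, "write": 2, "full": 3}
MAX_TOKEN_AGE = 900  # seconds; forces re-verification instead of a one-time login

@dataclass
class AccessRequest:
    user: str
    token: str              # HMAC over user and issue time (stand-in for a signed IdP token)
    issued: float           # token issue time (epoch seconds)
    device_compliant: bool  # device posture reported by the endpoint agent
    source_ip: str          # present, but deliberately NOT used as a trust signal
    resource: str
    action: str             # "read", "write" or "full"

def mint_token(user: str, issued: float) -> str:
    return hmac.new(SECRET, f"{user}:{issued}".encode(), hashlib.sha256).hexdigest()

def evaluate(req: AccessRequest, now: float) -> tuple[str, str]:
    """Per-request decision: every check must pass, wherever the request comes from."""
    if not hmac.compare_digest(req.token, mint_token(req.user, req.issued)):
        return "deny", "identity not verified"
    if now - req.issued > MAX_TOKEN_AGE:
        return "deny", "authentication stale; re-verify"
    if not req.device_compliant:
        return "deny", "device not compliant"
    granted = GRANTS.get((req.user, req.resource))
    if granted is None or RANK[req.action] > RANK[granted]:
        return "deny", f"{req.user} lacks '{req.action}' on {req.resource}"
    return "allow", "identity, device and rights verified"

def demo(now: float = 1_000_000.0) -> list[str]:
    """Constructed requests: being 'inside' or 'outside' the network changes nothing."""
    fresh = now - 60
    cases = [
        # External address, authenticated, compliant, within granted rights -> allow
        AccessRequest("alice", mint_token("alice", fresh), fresh, True, "203.0.113.5", "hr-share", "read"),
        # Internal address but no credentials -> deny (the castle wall buys nothing)
        AccessRequest("alice", "", fresh, True, "10.0.0.7", "hr-share", "read"),
        # Valid identity, but asking for more than was granted -> deny
        AccessRequest("bob", mint_token("bob", fresh), fresh, True, "10.0.0.8", "hr-share", "full"),
        # Valid identity and rights, but non-compliant device -> deny
        AccessRequest("bob", mint_token("bob", fresh), fresh, False, "10.0.0.8", "hr-share", "write"),
    ]
    return [evaluate(r, now)[0] for r in cases]
```

Each deny carries its reason, which is what a monitoring team would log and alert on when a request from an "internal" address fails verification.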
The following post describes which elements a Zero Trust model consists of.
About the author: Andreas Fuchs is a product manager at DriveLock SE and an expert on Zero Trust.