Zero Trust Architecture

Written By Ashad El

Never Trust, Always Verify.

The coined phrase popularized the Zero Trust security framework, in which every step in the network's process is monitored for how, who, what, when, and where the user is trying to log into the system. This architecture was created by John Kindervag, the Principal Analyst at Forrester research, in 2010, changing the focus from potential outside threat actors to viewing every and all traffic/devices/networks guilty until proven innocent.  

What is Zero Trust based on?

It requires these foundational ideas to implement functional Zero Trust Architecture:

  1. All resources must be accessed in a secure manner (certain information on the network is only open to specific individuals, this means there must be more proof for the individual other than just username and password i.e. dual factor authentication)

  2. Access control is on a need-to-know basis

  3. Do not trust people, verify what they are doing

  4. Inspect all log traffic coming in on the network for malicious activity

  5. Design networks from the inside out

It is these key ideas that have switched the ideas of cybersecurity from protecting systems and networks from potential foreign and domestic hackers creeping in the shadows waiting to strike when the organization is most vulnerable. Specifically in our world of remote work, virtual meetings, and network access from any location, it's about thinking ahead, hackers aren’t waiting, they are taking actions to infiltrate the systems of those who haven’t taken the actions required for remote access. Zero Trust is looking to not only identify these security problems, but to eliminate them through vigorous defensive tactics, against every and all with access to the server. 

Lets go a little deeper into the rules that govern Zero Trust though,

The Seven Tenets of Zero Trust Architecture:

  1. Rigorously enforce authentication and authorization: all resources require mandatory authentication, paired with technologies such as MFA (multi factor authentication), no account has implicit access without explicit permission.

  2. Maintain data integrity: enterprises measure and monitor the security and integrity of all owned and associated assets, assess their vulnerabilities, patch levels, and other potential cybersecurity threats.

  3. Gather data for improved security: enterprises should collect current information from multiple sources, such as network infrastructure and communications, to regulate and improve security standards. 

  4. Consider every data source and computing device as a resource: enterprises should consider any device with access to an enterprise-level network as a resource

  5. Keep all communication secured regardless of network location: physical network locations alone should never imply trust. People connecting via enterprise and non-enterprise networks must undergo the same security requirements for resource access.

  6. Grant resource access on a per-session basis: enterprises should enforce a least-privilege policy (a user should only be granted the minimum privileges required to complete a task). Every access request requires evaluation and, when granted, does not immediately provide access to other resources. Users will need to submit a separate request for subsequent data access

  7. Moderate access with a dynamic policy: enterprises need to protect resources with a transparent policy that continuously defines resources, accounts, and the type of privileges linked to each account. The process may involve attributes, such as device characteristics such as software versions and network locations

As you can see, the Zero Trust Architecture addresses every part of the system that could be deemed vulnerable, and limits access on a need to know basis with rigorous system access controls.  How were these steps created though? What exactly are the ZTA guidelines based on? Well this is where the Pillars of Zero Trust come in: 

  1. User- Involves focus on user identification, authentication, and action control policies which verify user attempts connecting to the network using dynamic and contextual data analysis.

  2. Device- performs “system of record” validation of user-controlled and autonomous devices to determine acceptable cybersecurity posture and trustworthiness 

  3. Network- isolates sensitive resources from being accessed by unauthorized people or things by dynamically defining network access, deploying micro-segmentation techniques, and control network flows while encrypting end-to-end traffic

  4. Infrastructure- ensures systems and services within a workload are protected against unintended and unauthorized access, and potential vulnerabilities. 

  5. Application- integrates user, device and data components to secure access at the application layer. Security wraps each workload and compute container to prevent data collection, unauthorized access or tampering with sensitive applications and services

  6. Data- Involves focus on securing and enforcing access to data based on the data categorization and classification to isolate the data from everyone except those that need access 

  7. Visibility and Analytics- Provides insight into user and system behavior analytics and by observing real-time communications between all Zero Trust components 

  8. Orchestration and Automation- Automates security and network operational processes across the ZTA by orchestrating functions between similar and disparate security systems and applications. 

Implementation:

How does one implement a Zero Trust framework within their systems?

First you must determine the protect surface of the network, that is the place where your DAAS (Data, Assets, Applications, and Services) is heavily stored and also the most heavily protected, this makes cybersecurity less complex compared to securing an entire network and its channels that could potentially lead to its DAAS. Then you must understand how the traffic in your network interacts with your DAAS.  Different users may interact with the system in specific ways, therefore monitoring the process of interaction allows you to limit the access each user is allowed to solely the information required to complete their tasks. 

After the preliminary assessment, setting up your Zero-trust architecture is possible. There is no one way to secure the protect surface of your organization, but using a Next Generation Firewall is one of the best tools to decrypt, monitor, authenticate, and defend your network.  It addresses every pillar of ZTA, making sure to protect user identities and allowing for multifactor identification, monitoring application usage based on device and location within the network, and uses organization intelligence to conclude the best actions and security measures for the system. This can be the most helpful tool for creating a microperimeter around the protect surface. 

Finally, a Zero Trust Policy must be set in place to ensure all employees and systems are working in congruence. This is where the Who, What, Where, When, Why, and How is addressed…

  • WHO am I allowing to access the system

  • WHAT applications are being used to access DAAS

  • WHEN is the network being accessed

  • WHERE is the destination of the user

  • WHY is the user trying to gain access to DAAS

  • HOW is the user accessing the DAAS, (aka how do they use the applications)

Answering these questions is how you create and maintain a ZTA along with constant monitoring of the system and an enterprise-wide understanding of how access to the network should be properly obtained. 

We’ve heard all these wonderful security benefits of Zero Trust, but…

are there any issues ZTA poses?

There are a few challenges Zero Trust must overcome to make its validity as a security system as advertised. The real problems lie at its implementation, as as because it is network specific and is about patching up specific critical areas in the network with whatever makes the most sense, this could lead to cracks in the security systems in place, DAAS can be accessed if robust attention to detail is not used when setting up the architecture. 

Another issue posed in the constant monitoring of the system, and its need for update immediately a change in position is made within the organization. Lets for example say there is an employee that has been promoted, they are given greater access to the network by a high-level superior, but if that change is not updated in the system immediately, that individual will not be able to do the work required of them.

This then leads to probably the biggest problem facing ZTA… productivity. If there is a problem detected in the system where a group of users is locked out of the network and cannot access critical information, this brings down overall productivity of the corporation and makes the financial loss potentially greater than the cost of updating the system to include Zero Trust.

Zero Trust possesses a huge potential to change the way we secure our critical systems in a post-COVID19 world, but are the risks worth the benefits of Zero Trust Architecture when implemented correctly?


Resources: https://www.gsa.gov/cdnstatic/Zero_Trust_Architecture_Buyers_Guide_v2_July_2022.pdf

https://www.techtarget.com/searchsecurity/tip/Top-risks-of-deploying-zero-trust-cybersecurity-model




Ashad El
Previous

Sixteen Critical Infrastructures: An Overview

Next

Industrial Control Systems